SSLv3 and Nessus security scan

I have a web server, and a Nessus security scan reports that SSLv2 is not good enough for it. What do you need to do to disable SSLv2 and enable SSLv3 or TLSv1? It's really easy: you only need to change your main ssl.conf configuration file:

SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM

Now you can try to connect from the command prompt:

openssl s_client -ssl2 -connect virtualhost:443

Make sure you get an error on this one and normal output on the two below.

openssl s_client -ssl3 -connect virtualhost:443
openssl s_client -tls1 -connect virtualhost:443

The configuration file is in /etc/httpd/conf.d on Red Hat Linux and its clones, and in /etc/apache2/conf.d on SuSE Linux. You must restart the Apache web server after making changes.
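A static check to run on ssl.conf before restarting Apache, as an added example that is not part of the original post: it evaluates each SSLProtocol line using the +/- syntax shown in the directive earlier and lists any line that still leaves SSLv2 enabled. It assumes Apache 2.2-era mod_ssl, where "all" means +SSLv2 +SSLv3 +TLSv1; the function names and the sample configuration are constructed for illustration.

```shell
# Added example, not from the original post. Assumes Apache 2.2-era mod_ssl,
# where "all" is shorthand for +SSLv2 +SSLv3 +TLSv1.

# effective_protocols "<SSLProtocol arguments>" -> prints the enabled set
effective_protocols() {
    printf '%s\n' "$1" | awk '
    BEGIN { split("SSLv2 SSLv3 TLSv1", name, " ") }
    {
        for (i = 1; i <= NF; i++) {
            tok = tolower($i); act = "="
            if (tok ~ /^[+-]/) { act = substr(tok, 1, 1); tok = substr(tok, 2) }
            for (n = 1; n <= 3; n++) {
                hit = (tok == "all" || tok == tolower(name[n]))
                if (act == "=") { on[n] = hit }            # bare token replaces the set
                else if (hit)   { on[n] = (act == "+") }   # + adds, - removes
            }
        }
    }
    END {
        for (n = 1; n <= 3; n++) if (on[n]) { out = out sep name[n]; sep = " " }
        print (out == "" ? "none" : out)
    }'
}

# audit_conf FILE -> prints each active SSLProtocol line that leaves SSLv2 on; returns 1 if any
audit_conf() {
    rc=0
    lines=$(awk 'tolower($1) == "sslprotocol" {
        sub(/^[ \t]*[^ \t]+[ \t]+/, ""); print NR ":" $0 }' "$1")
    while IFS=: read -r ln args; do
        case " $(effective_protocols "$args") " in
            *" SSLv2 "*) echo "$1:$ln: SSLv2 enabled ($args)"; rc=1 ;;
        esac
    done <<EOF
$lines
EOF
    return $rc
}

# Constructed sample config (not from the post): one weak vhost, one line set as in the post.
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# SSLProtocol all
<VirtualHost *:443>
    SSLProtocol all
</VirtualHost>
SSLProtocol -ALL +SSLv3 +TLSv1
EOF
audit_conf "$sample" || echo "fix the lines listed above, then restart Apache"
```

A file with no SSLProtocol directive at all produces no findings, so the openssl s_client checks against the running server remain the final confirmation.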
