User Tools

Site Tools

Trace: memcache_invetigation lxc-containers ssl_poodle
ssl_poodle

This is an old revision of the document!

To resolve poodle vulnerability please add the following to the virtual host: 

        #resolve poodle vulnerability 
        SSLHonorCipherOrder on
        SSLProtocol ALL -SSLv2 -SSLv3
        SSLCipherSuite EECDH+AESGCM:EECDH+AES256:EECDH+AES128:EECDH+3DES:EDH+AES:RSA+AESGCM:RSA+AES:RSA+3DES:!ECDSA:!NULL:!MD5:!DSS
And to allow this globally please add in the /etc/httpd/conf.d/ssl.conf file: 
SSLProtocol -all -SSLv2 -SSLv3 +TLSv1

ssl_poodle.1441970648.txt.gz · Last modified: 2024/05/23 07:26 (external edit)
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki