openssl and weak ciphers
mark
m.roth2006 at rcn.com
Thu Dec 11 18:41:18 UTC 2008
Rohit khaladkar wrote:
> I guess I had this problem earlier. I changed the ssl.conf file as
> following:
>
> SSLProtocol all -SSLv2
> SSLCipherSuite
> ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
>
There we go - I believe that line could be rewritten as
ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
There's also the question of whether you want to use SSLv1.
mark
>
> Hope this helps.
>
>
>
> Thanks!
>
> Rohit Khaladkar.
>
>
>
>
>
> On 12/11/08, Jay Berryman <jay.berryman at sitel.com> wrote:
>> I am trying to figure out how to disable weak cipher suites within
>> openssl and haven't had much luck. Does anyone know how to do this?
>>
>>
>>
>> Jay Berryman
>> Systems Engineer
>> +1 402.963.6347 T
>>
>> +1 402.963.6051 F
>> jay.berryman at sitel.com
>>
>>
>>
>> Sitel
>> 5601 N 103rd St
>> Omaha, NE 68132
>> +1 402.963.6001
>> www.sitel.com <http://www.sitel.com/>
>>
>>
>>
>> **CONFIDENTIAL NOTICE**
>> This e-mail and any files transmitted with it may contain PRIVILEGED or
>> CONFIDENTIAL information and may be read or used only by the intended
>> recipient. If you are not the intended recipient of the e-mail or any
>> of its attachments, please be advised that you have received this e-mail in
>> error and that any use, dissemination, distribution, forwarding, printing,
>> or copying of this e-mail or any attached files is strictly prohibited. If
>> you have received this e-mail in error, please immediately purge it and all
>> attachments and notify the sender by reply e-mail.
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subjectunsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
More information about the redhat-list
mailing list