17 Oct
2014
17 Oct
'14
1:41 a.m.
According to the centos wiki:
Validating Changes
You can use Qualys SSL Labs to verify that your web server is no longer vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and CentOS-7, while using TLSv1 on CentOS-5.
However, on my up-to-datestock CentOS-6.5 the httpd version is 2.2.15 and attems to use SSLProtocols greater than v1 yield this error:
Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf: SSLProtocol: Illegal protocol 'TLSv1.1'
I presume that the wiki is in error but I would like confirmation of that or instructions on how to enable TLSv1.1 and 1.2 on CentOS-6.5.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3