26 Jan
2015
26 Jan
'15
10:06 a.m.
Hi list, I'm configuring apache with https and I've a question about sslv3 deactivation.
Running "openssl ciphers -v" I get a list of cypher suite of openssl like:
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD .........
Each lines report relative protocol.
Disabling sslv3 with "SSLProtocol all -SSLv3" I can use cypher like:
ECDH-RSA-DES-CBC3-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=3DES(168) Mac=SHA1
that has protocol SSLv3?
Disabling SSLv3 protocol, apache will use only TLSv1.2 cypher protocol?
Thanks in advance.
Alessandro.