[CentOS] POODLE on CentOS
James B. Byrne
byrnejb at harte-lyne.ca
Thu Oct 16 23:41:40 UTC 2014
According to the centos wiki:
Validating Changes
You can use Qualys SSL Labs to verify that your web server is no longer
vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You
might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and
CentOS-7, while using TLSv1 on CentOS-5.
However, on my up-to-datestock CentOS-6.5 the httpd version is 2.2.15 and
attems to use SSLProtocols greater than v1 yield this error:
Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf:
SSLProtocol: Illegal protocol 'TLSv1.1'
I presume that the wiki is in error but I would like confirmation of that or
instructions on how to enable TLSv1.1 and 1.2 on CentOS-6.5.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
More information about the CentOS
mailing list