[CentOS] POODLE on CentOS

Thu Oct 16 23:41:40 UTC 2014
James B. Byrne <byrnejb at harte-lyne.ca>

According to the CentOS wiki:

Validating Changes

You can use Qualys SSL Labs to verify that your web server is no longer
vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You
might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and
CentOS-7, while using TLSv1 on CentOS-5.


However, on my up-to-date stock CentOS-6.5 the httpd version is 2.2.15 and
attempts to use SSLProtocols greater than v1 yield this error:


Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf:
SSLProtocol: Illegal protocol 'TLSv1.1'


I presume that the wiki is in error but I would like confirmation of that or
instructions on how to enable TLSv1.1 and 1.2 on CentOS-6.5.

-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3