Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #working example site with SSLv3 disabled:
- My-iMac:~ me$ openssl s_client -connect facebook.com:443
- CONNECTED(00000003)
- depth=1 /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3
- ....
- #My site with SSLv3 disabled:
- My-iMac:~ me$ openssl s_client -connect site.company.com:443
- CONNECTED(00000003)
- 66904:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:/SourceCache/OpenSSL098/OpenSSL098-52/src/ssl/s23_lib.c:182:
- #Same site, now with -tls1 on command line, works:
- My-iMac:~ me$ openssl s_client -connect site.company.com:443 -tls1
- CONNECTED(00000003)
- depth=1 /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA - G3
- ....
- SSLEngine on
- SSLProtocol -all +TLSv1
- SSLHonorCipherOrder On
- SSLCipherSuite RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM:!SSLV2:!eNULL
- SSLCertificateFile /opt/ca/cert.pem
- SSLCertificateChainFile /opt/ca/cert.pem
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement