[openssl-dev] Disabling SSLv3 in OpenSSL 0.9.8a
Thirumal, Karthikeyan
KThirumal at inautix.co.in
Fri Jan 23 16:21:00 UTC 2015
Team,
In order to fix the Poodle vulnerability on SSLv3, I tried to disable my SSLv3 cipher using the below cipher set, but did not even initiate SSL in 0.9.8a.
SSL_CTX_set_cipher_list(ssl_ctx,"SHA1+HIGH:!SSLv2:!SSLv3:!aNULL:!eNULL:@STRENGTH");
Without "!SSLv3" - by SSL connection is working fine by blocking just SSLv2.
Can you advise if the above cipher list is right ?
Thanks & Regards
________________________
Karthikeyan Thirumal
******************************************************
This message and any files or attachments sent with this message contain confidential information and is intended only for the individual named. If you are not the named addressee, you should not disseminate, distribute, copy or use any part of this email. If you have received this message in error, please delete it and all copies from your system and notify the sender immediately by return Email.
Email transmission cannot be guaranteed to be secure or error-free as information can be intercepted, corrupted, lost, destroyed, late, incomplete or may contain viruses. The sender, therefore, does not accept liability for any errors or omissions in the contents of this message, which arise as a result of email transmission.
******************************************************
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150123/c1d131f6/attachment-0001.html>
More information about the openssl-dev
mailing list