Project

General

Profile

Actions

Bug #1853

closed

ssl.cipher-list + ssl.use-sslv2 do not seem to work

Added by nitrox about 16 years ago. Updated almost 16 years ago.

Status:
Invalid
Priority:
Normal
Category:
core
Target version:
ASK QUESTIONS IN Forums:

Description

Setting the following options...

ssl.use-sslv2 = "disable" 
ssl.cipher-list = "AES256-SHA" 

...and testing with

openssl s_client -no_tls1 -no_ssl3 -connect <somehost>:443

results in

Protocol  : SSLv2
Cipher    : DES-CBC3-MD5

So neither disabling sslv2 nor cipher-list seems to work, tested on 1.4.20, not tested on 1.5.

Actions #1

Updated by nitrox almost 16 years ago

  • Assignee set to stbuehler

small update, 1.5 seems to work correctly

Actions #2

Updated by stbuehler almost 16 years ago

  • Status changed from New to Invalid

These ssl options:

ssl.use-sslv2 = "disable" 
ssl.cipher-list = "AES256-SHA" 

must be in the same block as
ssl.engine = "enable" 

and the other ssl options.

But we will disable sslv2 by default in the next release anyway.

Actions

Also available in: Atom