Mailinglist Archive: opensuse-buildservice (327 mails)
| < Previous | Next > |
Re: [opensuse-buildservice] OBS is using new login auth proxy
- From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
- Date: Tue, 19 Apr 2011 16:35:58 +0200
- Message-id: <201104191635.58689.ludwig.nussel@suse.de>
Jan-Simon Möller wrote:
Something like this should work:
https://build.opensuse.org/package/view_file?file=apache2-vhost-ssl.template&package=apache2&project=Apache
That's more or less cosmetic though. More important (and usually
even more broken) are the clients. Clients need to avoid offering
weak methods and ciphers to avoid MITM.
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx
Am Dienstag, 19. April 2011, 15:59:08 schrieb Cristian Rodríguez:
Yes, it is unstable atm, also, it allows SSLv2 ! looks like someone
forgot to disable it in the vhost configuration...
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:
+eNULL
Something like this should work:
https://build.opensuse.org/package/view_file?file=apache2-vhost-ssl.template&package=apache2&project=Apache
That's more or less cosmetic though. More important (and usually
even more broken) are the clients. Clients need to avoid offering
weak methods and ciphers to avoid MITM.
cu
Ludwig
--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx
| < Previous | Next > |