Am Dienstag, 19. April 2011, 16:35:58 schrieb Ludwig Nussel:
Jan-Simon Möller wrote:
Am Dienstag, 19. April 2011, 15:59:08 schrieb Cristian Rodríguez:
Yes, it is unstable atm, also, it allows SSLv2 ! looks like someone forgot to disable it in the vhost configuration...
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP: +eNULL
Something like this should work: https://build.opensuse.org/package/view_file?file=apache2-vhost-ssl.templat e&package=apache2&project=Apache
Added.
That's more or less cosmetic though. More important (and usually even more broken) are the clients. Clients need to avoid offering weak methods and ciphers to avoid MITM.
Yes, it would be best. Best, Jan-Simon -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org