https://bugzilla.novell.com/show_bug.cgi?id=693479 https://bugzilla.novell.com/show_bug.cgi?id=693479#c3 --- Comment #3 from Adrian Dimcev <adimcev@carbonwind.net> 2011-05-13 12:27:50 UTC --- "Suse Linux Enterprise Server 11 SP1 fails to ship a proper SSL/TLS sample configuration." -> in the context of "The results are somehow mixed." -> where results = "Specifically basic settings were verified, nothing really advanced; the SSL/TLS protocols enabled by default(SSL 2.0 to be disabled as per RFC 6176), cipher suites enabled by default(if any weak or export ciphers suites are enabled), secure renegotiation patch support and the underlying OpenSSL version shipped with the OS." "Did not encounter major issues either in quickly have a default SSL site up and running on Suse Linux Enterprise Server 11 SP1." -> a few words mentioning that for the test's needed functionality(have a default HTTPS web site up and running, point the scanner against it and obtain the results) no issues were encountered and the setup was easy. So basically it's easy to have a default HTTPS web site up and running but in terms of SSL protocol version and cipher suites support the default configuration is inappropriate. Thanks, Adrian -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.