| 1 |
>> I recently upgraded from apache-2.2.27 to apache-2.2.27-r4 and |
| 2 |
>> etc-update wanted to add the following directive to the default SSL |
| 3 |
>> vhost: |
| 4 |
>> |
| 5 |
>> SSLProtocol ALL -SSLv2 -SSLv3 |
| 6 |
>> |
| 7 |
>> I had already disabled SSLv2 (security issue?) but this also disables |
| 8 |
>> SSLv3. Could that cause a compatibility issue? |
| 9 |
>> |
| 10 |
>> - Grant |
| 11 |
>> |
| 12 |
> |
| 13 |
> You can use something like Qualys SSL Labs[0] to test if anything breaks. |
| 14 |
> |
| 15 |
> https://www.ssllabs.com/ssltest/index.html |
| 16 |
|
| 17 |
|
| 18 |
Isn't it a browser compatibility issue though? Are there browsers out |
| 19 |
there that support SSLv3 but not TLS? |
| 20 |
|
| 21 |
- Grant |
Archives