Ssl2 + ssl3 disable: Unterschied zwischen den Versionen

Aus Xinux Wiki
Zur Navigation springen Zur Suche springen
Zeile 1: Zeile 1:
=Apache2 SSLv3 deactivate=
+
*[[Apache2 SSLv3 deactivate]]
*cat /etc/apache2/httpd.conf
+
 
SSLProtocol ALL -SSLv2 -SSLv3
 
 
=Dovecot SSLv3 deactivate=
 
=Dovecot SSLv3 deactivate=
 
*cat /etc/dovecot/conf.d/10-ssl.conf  
 
*cat /etc/dovecot/conf.d/10-ssl.conf  

Version vom 6. November 2018, 14:38 Uhr

Dovecot SSLv3 deactivate

  • cat /etc/dovecot/conf.d/10-ssl.conf
ssl_protocols = !SSLv2 !SSLv3

Postfix SSLv3 deactivate

  • cat /etc/postfix/main.cf
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3

Tests

Apache2

  • openssl s_client -ssl3 -connect www.example.com:443

Dovecot

  • openssl s_client -ssl3 -connect www.example.com:993

Postfix

smtps

  • openssl s_client -ssl3 -connect www.example.com:465

submission

  • openssl s_client -ssl3 -connect www.example.com:587

Openldap(test)

  • cat tls-min.ldif
dn: cn=config
changetype: modify
replace: olcTLSProtocolMin
olcTLSProtocolMin: 3.2
  • ldapmodify -Y EXTERNAL -H ldapi:/// -f tls-min.ldif

Source

Abgerufen von „http://wiki.ixheim.de/index.php?title=Ssl2_%2B_ssl3_disable&oldid=17574