Ssl2 + ssl3 disable
Apache2 SSLv3 deactivate
- cat /etc/apache2/httpd.conf
SSLProtocol ALL -SSLv2 -SSLv3
Dovecot SSLv3 deactivate
- cat /etc/dovecot/conf.d/10-ssl.conf
ssl_protocols = !SSLv2 !SSLv3
Postfix SSLv3 deactivate
- cat /etc/postfix/main.cf
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_mandatory_protocols = !SSLv2 !SSLv3 smtp_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_protocols = !SSLv2 !SSLv3
Tests
Apache2
- openssl s_client -ssl3 -connect www.example.com:443
Dovecot
- openssl s_client -ssl3 -connect www.example.com:993
Postfix
smtps
- openssl s_client -ssl3 -connect www.example.com:465
or
submission
- openssl s_client -ssl3 -connect www.example.com:587