Forum Discussion
What_Lies_Bene1
Oct 28, 2014Cirrostratus
Thanks Jie but I don't see any solution in SOL15702 or the article you link to, for versions prior to 11.5?
Regardless, I'm happy that I can disable SSLv3 by simply specifying
NONE:
followed by a small set of TLS only ciphers.- JGOct 28, 2014CumulonimbusI see. Did you test to see if SSLv3 is really disabled after removing SSLv3 cipher suite?
- What_Lies_Bene1Oct 28, 2014CirrostratusSee below, restricting the ciphers to TLS1.2 ones indirectly 'disables' SSLv3 (i.e its not disabled but will never be used) without the need to modify the Apache ssl.conf file.