Mitigating Poodle / SSL 3.0 Issue

try this


I have the CA cert. installed… if I install this Chain cert., it will replace the CA one. How do I install this chain Certificate ?

when I check here
It shows SAFE from Poodle & heartbleed but I’m getting one issue :

Recommendations Update your certificate chain. Your certificate chain is valid, but some older browsers may not recognize it. To support older browsers, download and install the missing intermediate certificate. | Download certificate

look in your SSL section – look at the tabs – the end one is what you are looking for

Thanks … Resolved!

I wonder is the solution offered on for CentOS/RHEL 6.x:

SSLHonorCipherOrder On SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2

more complete as it disables all protocols and enables recommended +TLSv1 +TLSv1.1 +TLSv1.2 protocols only? Or it is the same with SSLProtocol all -SSLv2 -SSLv3

allsupported wrote that summary

It’s based on this ticket

Since Version 1.720 (24th November 2014)

SSL v2 and v3 are now disabled by default at Webmin install time, to block the POODLE attack. They can be re-enabled on the SSL Encryption page of the Webmin Configuration module.