httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Hughes <>
Subject [users@httpd] mod_ssl, poodle and SSLv2Hello
Date Fri, 17 Oct 2014 17:49:10 GMT
Many SSL clients, notably JDK 6, use the SSLv2Hello protocol to handshake with the server.
 Using this protocol does *not* mean you are using SSL 2.0 or 3.0 for that matter; it is merely
a handshake to determine *which* protocol to use.  []

However, in Apache, if you disable SSLv3 support, this apparently removes support for the
SSLv2Hello protocol.  Apache Tomcat has explicit support for SSLv2Hello; that is, you can
enable that, but not enable SSLv3.  

Is there any way to do this in Apache?  
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message