httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matthew Hughes <hughes.m...@gmail.com>
Subject [users@httpd] mod_ssl, poodle and SSLv2Hello
Date Fri, 17 Oct 2014 17:49:10 GMT
Many SSL clients, notably JDK 6, use the SSLv2Hello protocol to handshake with the server.
 Using this protocol does *not* mean you are using SSL 2.0 or 3.0 for that matter; it is merely
a handshake to determine *which* protocol to use.  [http://tools.ietf.org/html/rfc5246#appendix-E.2]

However, in Apache, if you disable SSLv3 support, this apparently removes support for the
SSLv2Hello protocol.  Apache Tomcat has explicit support for SSLv2Hello; that is, you can
enable that, but not enable SSLv3.  

Is there any way to do this in Apache?  
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message