Ssl 3.0

**JacobHaug** · 12-15-2008 01:19 AM

I'm trying to setup an SSL certificate on one of my servers, but can't because of the following error.

Synopsis : The remote service encrypts traffic using a protocol with known weaknesses. Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients. See also : http://www.schneier.com/paper-ssl.pdf Solution: Consult the application's documentation to disable SSL 2.0 and use SSL 3.0 or TLS 1.0 instead. See http://support.microsoft.com/kb/216482 for instructions on IIS. See http://httpd.apache.org/docs/2.0/mod/mod _ssl.html for Apache. Risk Factor: Medium / CVSS Base Score : 2 (AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:N) [More]

How can I go about changing things over to SSL 3.0? It's a Cpanel/WHM server...what are your thoughts?

**cPanelDavidG** · 12-15-2008 10:29 AM

Originally Posted by JacobHaug

I'm trying to setup an SSL certificate on one of my servers, but can't because of the following error.

How can I go about changing things over to SSL 3.0? It's a Cpanel/WHM server...what are your thoughts?

What it is essentially complaining about is the SSLCipherSuite permitting SSL 2.0 connections. If you are running cPanel/WHM 11.24 or later, it's easy to change this. Just go to WHM -> Service Configuration -> Apache Configuration -> Global Configuration and edit the SSLCipherSuite as desired, then click "Save" at the bottom of the page.

**JacobHaug** · 12-15-2008 11:01 PM

Mine is set to the follow....what should I change?

ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv2:-EXP

Would this work?

ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:-EXP

What to do, oh what to do...

**cPanelDavidG** · 12-16-2008 09:11 AM

Originally Posted by JacobHaug

Mine is set to the follow....what should I change?

ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv2:-EXP

Would this work?

ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:-EXP

What to do, oh what to do...

The default in 11.24 is as follows, and you may wish to use it:

ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

LinkBack

Thread Tools

Ssl 3.0

Filed with Developers [Case 48781] cPanel => TLS/SSL Manager => Create Self-Signed SSL limited St

cPanel account SSL not taking over WHM installed SSL

ssl not working . Going port 2086 work but not 2087(ssl)

SSL problem on Firefox - 'incorrect ssl certificate' dialog box pops up