Thursday, 16 October 2014, 10:22 - Apache Stuff, OpenSSL
Add the following to your SSL configuration section:
# Disable SSLv2 & SSLv3 against POODLE issue (CVE-2014-3566)
SSLProtocol All -SSLv2 -SSLv3
Note to insert this to all VirtualHost sections where SSL is enabled!
Check your config:
apachectl configtest
Then restart apache server:
sudo service apache2 restart
To check if SSLv3 is turned off:
openssl s_client -connect server.domain.tld:443 -ssl3
Then you shold see a message like this:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1260:SSL alert number 40
To disable SSLv3 within other services:
see this post