Find the answer to your Linux question:
Results 1 to 3 of 3
Hi, I was told by my security officer that I must remove SSL 2.0 and start using version SSL 3.0 due to security vulnerability. I don't even know how I ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2006
    Posts
    8

    Question How do you update version SSL 2.0 to SSL 3.0 in RedHat Linux 4??


    Hi,

    I was told by my security officer that I must remove SSL 2.0 and start using version SSL 3.0 due to security vulnerability.

    I don't even know how I can check on the current version, let alone upgrading to the current version we're running. I need help

    Thank you.

    Jay

    Here's what rpms are loaded on my server:

    openssl-devel-0.9.7a-43.17.el4_6.1
    xmlsec1-openssl-1.2.6-3
    docbook-style-dsssl-1.78-4
    mod_ssl-2.0.52-41.ent.2
    openssl-0.9.7a-43.17.el4_6.1
    openssl-devel-0.9.7a-43.17.el4_6.1
    xmlsec1-openssl-1.2.6-3
    openssl096b-0.9.6b-22.46
    openssl-0.9.7a-43.17.el4_6.1

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,517
    What distribution+version of Linux are you running? FWIW, SSL 2.0 and 3.0 are both supported on most current RHEL and Fedora systems. You can specify in your browser which to use. For example in Firefox you can open the Preferences window and in the Advanced->Encryption tab you can enable SSL 3.0, which will then be used by default for secured web pages.

    Also, I'm not sure you can just "remove" SSL 2.0 support. I think that SSL 2.0 streams are also handled by the SSL 3.0 code base, though I might be incorrect in that assumption. I'm not a expert in this domain, just somewhat knowledgeable.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Just Joined!
    Join Date
    Dec 2006
    Posts
    8
    Hi Rubberman!

    Thanks for your response. The current Redhat version RHAS 4.8

    So, all I would have to do is to open the Apache or Firefox browser to use only SSL 3.0 and TSL version??

    I need much more help since I am new Linux & SSL protocol.

    Thank you!

    Jay

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •