How do you update version SSL 2.0 to SSL 3.0 in RedHat Linux 4??

[xmdms]

Hi,

I was told by my security officer that I must remove SSL 2.0 and start using version SSL 3.0 due to security vulnerability.

I don't even know how I can check on the current version, let alone upgrading to the current version we're running. I need help

Thank you.

Jay

Here's what rpms are loaded on my server:

openssl-devel-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
docbook-style-dsssl-1.78-4
mod_ssl-2.0.52-41.ent.2
openssl-0.9.7a-43.17.el4_6.1
openssl-devel-0.9.7a-43.17.el4_6.1
xmlsec1-openssl-1.2.6-3
openssl096b-0.9.6b-22.46
openssl-0.9.7a-43.17.el4_6.1

[Rubberman]

What distribution+version of Linux are you running? FWIW, SSL 2.0 and 3.0 are both supported on most current RHEL and Fedora systems. You can specify in your browser which to use. For example in Firefox you can open the Preferences window and in the Advanced->Encryption tab you can enable SSL 3.0, which will then be used by default for secured web pages.

Also, I'm not sure you can just "remove" SSL 2.0 support. I think that SSL 2.0 streams are also handled by the SSL 3.0 code base, though I might be incorrect in that assumption. I'm not a expert in this domain, just somewhat knowledgeable.

[xmdms]

Hi Rubberman!

Thanks for your response. The current Redhat version RHAS 4.8

So, all I would have to do is to open the Apache or Firefox browser to use only SSL 3.0 and TSL version??

I need much more help since I am new Linux & SSL protocol.

Thank you!

Jay