This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

OpenSSL Version issue

2 posts / 0 new

Topic locked

Last post

#1 Tue, 12/22/2015 - 02:37

paul.kelly

OpenSSL Version issue

Hiya,

I installed a new SSL cert and ran a check on it. A couple issues popped up.

SSL Version I had to exclude SSLv3

OpenSSL I am running openssl 1.0.1e-42.el6_7.1 and some dev libraries. The security check indicates that this is an old version. Shouldn't we be using the latest version, to be safe?

Looks like we should be in vQ!

Also V1.02 is available.

#2 Tue, 12/22/2015 - 07:40

Tsikura

CentOS backports security fixes which is something those security checks don't look for. Disabling SSLv3 is standard no matter what version of openssl you have or operating system, so that is normal due to poodle as it is a protocol vulnerability

Topic locked