Luci on rhel5 / SSL v2 (need SSL v3 or TLSv1)

Latest response

Hi all,

 

Luci web site uses SSL v2. Our auditor askesd either to turn off the service ( I am no sure about my cluster functionality), or "ugrade" it SSL v3 or TLSv1

Is there a way ?

 

Kind Regards,

 

Nikos

Responses

You could always shut down luci and control the cluster from the command line.  I don't believe there is a way to adjust the SSL version.

 

Checkout the cluster admin docs on http://docs.redhat.com

Hi Jack ,

 

Thanks for your input

 

Nikos

luci is a TurboGears app on RHEL6. You should be able to just configure the underlying Apache instance to stop supporting SSLv2

 

http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslprotocol

Example

# enable SSLv3 and TLSv1, but not SSLv2
SSLProtocol all -SSLv2