andreas-h

Asked: 2010-06-26 02:37:21 +0800 CST2010-06-26 02:37:21 +0800 CST 2010-06-26 02:37:21 +0800 CST

How to force SSLv3 in pound HTTP Proxy

we are handling SSL with a pound 2.3 HTTP(S) proxy. Is there any way to force a client's Browser to use SSLv3? I couldn't find anything in the pound documentation ...

Thanks for your insight!

Cheers,

Andreas.

1 Answers

Voted

Best Answer

Leo
2010-11-02T07:34:32+08:002010-11-02T07:34:32+08:00
I hope you've found an answer by now. But this was approved by a quality third party ethical hacking firm, Qualys WAS and network scanner, and IBM's AppScanner:

Ciphers "ALL:!ADH:!EXPORT56:RC4+RSA:HIGH:MEDIUM:!LOW:!SSLv2:+EXP:!eNUL:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5:!EXP-RC4-MD5:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5:!EXP-RC4-MD5"

This removes the sslv2 but leaving sslv3 in place. It is however best practice to disable sslv3 where possible.
3

How to force SSLv3 in pound HTTP Proxy

Ping a Specific Port

How do I tell Git for Windows where to find my private RSA key?

How do you restart php-fpm?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Resolve host name from IP address

How can I sort du -h output by size

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?