I recently set up a Ubuntu 12.10 server for a service which I used to run on a 12.04 machine.
Since Ubuntu 10.10 SSLv2 seems to be disabled because of known security reasons.
If i run curl against my URL with the -1, -2 or -3 command, it works with ssl version 1 and 3. However with -2 i get curl: (4) OpenSSL was built without SSLv2 support
as a response.
Now my service is working fine in all browsers, however I have problems in Java, Python and PHP.
A lot of external programs are using my API so I don't really have the possibility to upgrade the clients.
Since ssl v1 is still working, I figure it is a problem for the clients supporting only up to version 2 to recognise that verison 2 is not supported, because version 3 is announced.
Can I compile without sslv3 support? Or can I somehow safely re-enable sslv2 on ubuntu for those clients who really want it? I am now sure how relevant the security issues are, especially because openssl is used for a bunch of stuff and serving webpages is only a part...
I think that the errors your seeing from Curl actually relates to the client openSSL library not supporting SSLv2 rather than a problem with the server. Recent Ubuntu openSSL libraries have deprecated SSLv2 IIRC.
As to your server problem SSLv2 shouldn't be needed by any browser after Internet Explorer 5 (which was the last one that I'm aware of not to support SSLv3/TLSv1 or later)