In this articles, I will give you the procedure to disable the support for SSLv2 and SSLv3 protocols . These protocols enters data encryption with security certificates . The concern is that these protocols have security flaws that can retrieve data normally protect !

Update Cherokee :

First of all, I suggest you update your version of Cherokee. For the options that we will use this as its not in the latest updates on this project GIT . To update , I removals to present documentation on the Cherokee GIT.

Disabling protocols :

Once web services revived in the latest version of Cherokee , start the administration interface . Go to the section , "Advanced" and then in the " TLS" tab. Let check that the following protocols " TLS 1.0 ", " TLS 1.1 " and " TLS 1.2 ", then save and request for a reboot "HARD " .

Check :

Logically protocols that can create security vulnerabilities are now disabled, but the best is to make a move in this website.

Qualys SSL Test

It is necessary that in the protocols you have realistic part the same as in the screen printing.

Article en Français : https://www.duhaz.fr/lecture/desactivation-des-protocoles-sslv2-et-sslv3-sur-cherokee/

  • Partager
  • Url: http://www.duhaz.fr/blog/disabling-sslv2-and-sslv3-protocols-on-cherokee/