From 91ce5c16d26a51d7b61416e18b899e4ac115fa25 Mon Sep 17 00:00:00 2001
From: o <o@immerda.ch>
Date: Thu, 16 Oct 2014 11:40:04 +0200
Subject: disable SSLv3

---
 files/include.d/CentOS/ssl_defaults.inc | 3 +--
 files/include.d/Debian/ssl_defaults.inc | 2 +-
 2 files changed, 2 insertions(+), 3 deletions(-)

(limited to 'files')

diff --git a/files/include.d/CentOS/ssl_defaults.inc b/files/include.d/CentOS/ssl_defaults.inc
index 7735ebb..776b7c3 100644
--- a/files/include.d/CentOS/ssl_defaults.inc
+++ b/files/include.d/CentOS/ssl_defaults.inc
@@ -5,8 +5,7 @@ SSLEngine on
 #   SSL Protocol support:
 # List the enable protocol levels with which clients will be able to
 # connect.  Disable SSLv2 access by default:
-#SSLProtocol all -SSLv2
-SSLProtocol -all +SSLv3 +TLSv1
+SSLProtocol All -SSLv2 -SSLv3
 
 #   SSL Cipher Suite:
 # List the ciphers that the client is permitted to negotiate.
diff --git a/files/include.d/Debian/ssl_defaults.inc b/files/include.d/Debian/ssl_defaults.inc
index 7030ec8..2599a4f 100644
--- a/files/include.d/Debian/ssl_defaults.inc
+++ b/files/include.d/Debian/ssl_defaults.inc
@@ -11,7 +11,7 @@ SSLEngine on
 #   SSL Protocol support:
 # List the enable protocol levels with which clients will be able to
 # connect.  Disable SSLv2 access by default:
-SSLProtocol -all +SSLv3 +TLSv1
+SSLProtocol All -SSLv2 -SSLv3
 
 #   SSL Cipher Suite:
 # List the ciphers that the client is permitted to negotiate.
-- 
cgit v1.2.3