Project

General

Profile

Tâche #11341

Désactiver le SSLv3 sur l'annuaire

Added by Joël Cuissinat over 6 years ago. Updated almost 6 years ago.

Status:
Fermé
Priority:
Normal
Assigned To:
Start date:
12/01/2015
Due date:
% Done:

100%

Estimated time:
3.00 h
Spent time:
Remaining (hours):
0.0

Associated revisions

Revision 77946995 (diff)
Added by lolo almost 6 years ago

Correction de la liste des suites de chiffrement
fixes: #11341 @1h

History

#1 Updated by Laurent Flori almost 6 years ago

  • Assigned To set to Laurent Flori

#2 Updated by Scrum Master almost 6 years ago

  • Status changed from Nouveau to En cours
  • Start date set to 12/01/2015

#3 Updated by Anonymous almost 6 years ago

  • Status changed from En cours to Résolu
  • % Done changed from 0 to 100

#4 Updated by Joël Cuissinat almost 6 years ago

  • Remaining (hours) changed from 3.0 to 0.5
  • Avant (2.5.1) :
    root@scribe:~# openssl s_client -connect localhost:636 -ssl3
       [ ... ]
    New, TLSv1/SSLv3, Cipher is AES256-SHA
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : SSLv3
        Cipher    : AES256-SHA
        Session-ID: 0C2D17F9F30FABC2C6A54711237117D1704A2F29D3036476B8BCFCCC44D39248
        Session-ID-ctx: 
        Master-Key: 75DC04526CCCD80A14FD38490C51F83AA529066BC9346EF1787C7DADB8A0ED3F493B1172080A0CBF4176CD1FF7B51B01
        Key-Arg   : None
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        Start Time: 1449242571
        Timeout   : 7200 (sec)
        Verify return code: 19 (self signed certificate in certificate chain)
    
  • Après (2.5.2) :
    root@scribe:~# openssl s_client -connect localhost:636 -ssl3
    CONNECTED(00000003)
    139631814735520:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:339:
    ---
    no peer certificate available
    ---
    No client certificate CA names sent
    ---
    SSL handshake has read 5 bytes and written 7 bytes
    ---
    New, (NONE), Cipher is (NONE)
    Secure Renegotiation IS NOT supported
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol  : SSLv3
        Cipher    : 0000
        Session-ID: 
        Session-ID-ctx: 
        Master-Key: 
        Key-Arg   : None
        PSK identity: None
        PSK identity hint: None
        SRP username: None
        Start Time: 1449243671
        Timeout   : 7200 (sec)
        Verify return code: 0 (ok)
    ---
    

#5 Updated by Joël Cuissinat almost 6 years ago

  • Status changed from Résolu to Fermé
  • Remaining (hours) changed from 0.5 to 0.0

Also available in: Atom PDF