Newsroom Update
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Beginning in May, a special Today at Apple series titled “Made for Business” will offer small business owners and entrepreneurs free opportunities to learn how Apple products and services can support their growth and success. Learn more >
Because of the possibility of DROWN-Attack I want to disable SSLv2 on my Snow Leopard (10.6.8) Server.
Is anybody here who can tell me how to disable SSLv2?
Installing a newer version of OpenSSL would be nice too but I don't know how?
Thank you for your assistance,
Peter.
Xserve, Mac OS X (10.6.8), 4 GB RAM, 1 TB Raid (mirror)
Hi again!
Here is the solution. :-)
What you have to do is edit your main.cf to disabel SSLv2 (and SSLv3) and for Apache2 the httpd.conf.
1. Go to /etc/postfix and open the main.cf
2. Add the following lines
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
3. Save the main.cf
4. Got to /etc/apache and open httpd.conf
5. search for SSL stuff
Add the following line:
SSLProtocol all -SSLv2 -SSLv3
6. Restart your server to make changes active
Greetings, Peter
Hi again!
Here is the solution. :-)
What you have to do is edit your main.cf to disabel SSLv2 (and SSLv3) and for Apache2 the httpd.conf.
1. Go to /etc/postfix and open the main.cf
2. Add the following lines
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2 !SSLv3
3. Save the main.cf
4. Got to /etc/apache and open httpd.conf
5. search for SSL stuff
Add the following line:
SSLProtocol all -SSLv2 -SSLv3
6. Restart your server to make changes active
Greetings, Peter
How to disable SSLv2 on Snow Leopard Server?
