Archive for January, 2010

Disable ssl ver 2 in apache for pci compliance

You need to disable SSL ver 2 and enable SSL ver 3 in apache for PCI compliance. Its very easy to do. Following settings will set SSL ver 3 and also disable older/unsecure cipher suite in Redhat/centos/fedora Linux server:
1. Open /etc/httpd/conf.d/ssl.conf and add or if these lines already there, edit them as per follows: 

## Disbale SSLv2 and enable SSLv3
SSLProtocol -All +SSLv3 +TLSv1
SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL

2. Reload httpd service to apply the new settings:

# /etc/init.d/httpd reload

3. Verify the settings by connecting to SSL ver 3 protocol:

This is a preview of Disable ssl ver 2 in apache for pci compliance. Read the full post (129 words, estimated 31 secs reading time)

January 23rd, 2010 | Posted in Security, Web Server | 2 Comments

Get Adobe Flash playerPlugin by wpburn.com wordpress themes