Is SSL protocal bouncing potential customers?

James Mcphee jmcphe at gmail.com
Thu Mar 26 17:50:03 MST 2015 

yeah, the people who maintain such things have basically given up coming up
with weird work around for weaknesses in the ssl standard.  That covers ssl
2.0 and ssl 3.0.  TLS is the new hotness.  While we're talking about that,
also remember to disable all export ciphers.

The downside of this is that this WILL break people's abilities to get to
your site if they're using older browsers.  Thems the breaks.  hehe..  puns.

On Thu, Mar 26, 2015 at 5:16 PM, Victor Odhner <vodhner at cox.net> wrote:

> I’ve been told that SSL of any flavor is unfixably insecure, and that TLS
> is the way to go. But maybe you meant TLS, some people call it SSL
> generically because it’s still HTTPS.
> ______________________
>
> On Mar 26, 2015, at 16:26:18, Eric Cope <eric.cope at gmail.com> wrote:
>
> do your apache logs show anything related to Mac useragents being rejected
> due to "too low ssl"?
>
> On Thu, Mar 26, 2015 at 3:09 PM, Keith Smith <techlists at phpcoderusa.com>
> wrote:
>
>>
>> Hi,
>>
>> I'm stuck and am looking for a little help.
>>
>> I have completed a PCI scan for one of the servers I support.  It
>> complained about a couple things.  One was the need to use more restrictive
>> SSL protocols.  With some help from the data center I was able to update
>> the SSLProtocol and the SSLCipherSuite so the server would pass the scan.
>>
>> I am now hearing from customer service that they are receiving some
>> complaints that some cannot reach the website.  I've asked customer service
>> to ask a couple questions so I can understand better what is taking place.
>> I assume the issue is older browsers.
>>
>> At this point what I am being told is Macs with Safari and Firefox (no
>> version info).  Apparently the message they see is "this page cannot be
>> displayed".
>>
>> I took a look at the httpd access and error logs and nothing jumps out at
>> me.  The server is running CentOS 6.6.
>>
>> Is there other things I can look at or do to troubleshoot this issue?
>>
>> Thank you very much!!
>>
>> Keith
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>



-- 
James McPhee
jmcphe at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20150326/073e22a6/attachment.html>

More information about the PLUG-discuss mailing list