SSL3 support
Posted: Wed Apr 16, 2014 7:50 am
I recently added 2 servers to my Nagios park.
When I run Nagios install they both stop on wget http:~wk2html~and so on.
I see the incoming wget request in my squid proxy server.
The Network techs have checked it and report SSLv3 is the issue.
I tried this
output:
Which tells me that SSL3 is enabled.
When I run the same command on antoher (working) server, I get this:
I understand that SSL3 is more secure and that I "should" use it on all of them.
But for now I like to know how to disable SSL3 on these two machines..
When I run Nagios install they both stop on wget http:~wk2html~and so on.
I see the incoming wget request in my squid proxy server.
The Network techs have checked it and report SSLv3 is the issue.
I tried this
Code: Select all
openssl s_client -ssl3 -connect remote_server:443output:
Code: Select all
CONNECTED(00000003)When I run the same command on antoher (working) server, I get this:
Code: Select all
CONNECTED(00000003)
139754014816072:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number:s3_pkt.c:337:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 7 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1397652021
Timeout : 7200 (sec)
Verify return code: 0 (ok)
---
But for now I like to know how to disable SSL3 on these two machines..
