Skip to main content
Information Security

Return to Question

replaced http://security.stackexchange.com/ with https://security.stackexchange.com/
Source Link
Community Bot
Community Bot
  • 1

In order to mitigate the "Poodle" vulnerability"Poodle" vulnerability, I'd like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I've done this?

In order to mitigate the "Poodle" vulnerability, I'd like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I've done this?

In order to mitigate the "Poodle" vulnerability, I'd like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I've done this?

added openssl
Link
edit approved May 14, 2015 at 17:56
Jared Burrows
edit approved May 14, 2015 at 17:56
Jared Burrows
  • 391
  • 1
  • 4
  • 13
Tweeted twitter.com/#!/StackSecurity/status/523827196578656258
Source Link
Roger Lipscombe
Roger Lipscombe
  • 2.3k
  • 3
  • 17
  • 20

How do I use "openssl s_client" to test for (absence of) SSLv3 support?

In order to mitigate the "Poodle" vulnerability, I'd like to disable SSLv3 support in my (in this case, TLS, rather than HTTPS) server. How can I use openssl s_client to verify that I've done this?