PCI compliance - disable SSLv2
Hi. Our interworx box runs on cloudlinux and litespeed. We need to disable SSLv2 for PCI complaince.
How can we accomplish this? Is this on litespeed side where we need to disable?
We edited the ssl.conf files and changed some settings. If we try to do a test, this is what we get:
[root@server ~]# openssl s_client -ssl2 -connect 1xx.xxx.121.xxx:443
140621945898824:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:430:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 422 bytes and written 45 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Protocol : SSLv2
Cipher : 0000
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
Start Time: 1361311678
Timeout : 300 (sec)
Verify return code: 0 (ok)
Doesn't this mean that SSLv2 is being rejected? If so, then the server should have passed PCI scanning regarding the SSLv2.
Any idea? Am I missing a step?
I'm having it run again.
Thank webizen for all your help :)
|All times are GMT -7. The time now is 10:16 AM.|