We use McAfee to scan our website for vulnerabilities. They claim the following:
> Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported. > Configure SSL/TLS servers to only support cipher suites that do not use > block ciphers. Apply patches if available. I ran #openssl version and it says we are using OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008. Do we need to upgrade our OpenSSL to upgrade our TLS/SSL server? Sorry if the question is way off-base but I am not a system administrator normally. This is new to me. We use CentOS and #yum install openssl claims it is already at the higest version. Any suggestions appreciated. Thanks, -- Mike Hoy
