Thanks! I went with the string "NORMAL:-VERS-SSL3.0". I'm not yet
building gnuTLS and we're instead relying on the gnuTLS version (3.3.29) in
RHEL 7.8 which apparently is not recent enough to have it disabled.
On Sat, Jun 19, 2021 at 10:42 AM Evgeny Grin wrote:
> Hello Erik,
>
> MHD generally
Hello Erik,
MHD generally relies on GnuTLS for handling everything related to TLS
(and SSL). All recent versions of GnuTLS have SSL3.0 disabled by
default, so you don't need to do anything to disable SSL3.0 (as it is
already disabled).
However you can provide your own ciphers preferences by
The security folks flagged our server for accepting SSL 3.0 ciphers that it
shouldn't. I'm not sure about the proper way to configure this for MHD.
I thought I saw a function at one pont that passes config info to gnuTLS
but I can't find it. This is how operations configures NGINIX to solve
the
