[erlang-questions] Removing SSL v3 support from the ssl module
Wed Dec 3 14:03:17 CET 2014
Thanks for all the advice.
I've modified the header and also started the application with -ssl
protocol_version [tlsv1, 'tlsv1.1', 'tlsv1.2'] and it seems to work
However, it seems that I still get an SSLv3
openssl s_client -ssl3 -connect 127.0.0.1:8936 |grep "Protocol"
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA
Any ideas what I may have missed ?
2014-11-26 23:07 GMT+02:00 Ingela Andin <ingela.andin@REDACTED>:
> 2014-11-26 17:51 GMT+01:00 Simon MacMullen <simon@REDACTED>:
>> On 26/11/14 15:36, CT Radu wrote:
>>> I am currently stuck with a R15 erlang release and I do want to disable
>>> sslv3 on listening connections.
>> You can't. The bug OTP-10905 prevents setting SSL versions at all on
>> older versions. You need at least R16B01.
> No you can not do it cleanly, but you could always patch the ssl header
> file which defines the system default and then recompile as a workaround.
> Regards Ingela Erlang/OTP team - Ericsson AB
>> Cheers, Simon
>> erlang-questions mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions