[erlang-questions] Removing SSL v3 support from the ssl module
Steve Vinoski
vinoski@REDACTED
Thu Oct 16 01:41:23 CEST 2014
On Wed, Oct 15, 2014 at 5:34 AM, Andreas Schultz <aschultz@REDACTED> wrote:
> Hi,
> ----- On 15 Oct, 2014, at 11:10, Kenji Rikitake kenji@REDACTED wrote:
>
> > I'd be glad if how to remove SSL v3 support from OTP ssl module is
> > provided by the OTP Team, to prevent getting trapped into the POODLE
> > bug. (I think it won't be that hard, regarding what I've found from the
> > ssl module source code. The keyword atom is "sslv3".)
>
> Add {versions, ['tlsv1.2', 'tls1.1', 'tls1']} to your SSL options to
> restrict
> the version choice.
Slight correction: {versions, ['tlsv1.2', 'tlsv1.1', 'tlsv1']}
The 'v' characters were missing from the latter two atoms.
--steve
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20141015/0af1b4be/attachment.htm>
More information about the erlang-questions
mailing list