HowTO: Fix Vulnerability “SSLv2 Enabled”

July 6, 2010

Add the following lines to your httpd.conf:

SSLProtocol ALL -SSLv2
SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL

To Test the Fix (replace 127.0.0.1 with whatever ip you need to test on):

openssl s_client -port 443 -host "127.0.0.1" -ssl2