SSL/TLS Strong Encryption: How-To

https://httpd.apache.org/docs/trunk/ssl/ssl_howto.html # “Modern” configuration, defined by the Mozilla Foundation’s SSL Configuration # Generator as of August 2016. This tool is available at # https://mozilla.github.io/server-side-tls/ssl-config-generator/ SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 # Many ciphers defined here require a modern version (1.0.1+) of OpenSSL. Some # require OpenSSL 1.1.0, which as of this writing was in pre-release. SSLCipherSuite […]

Error code: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

For Chrome v40: Open chrome://flags Look for “Minimum SSL/TLS version supported.” Choose SSLv3 Click on “Relaunch now” button Open your https page again You will be redirected to a “Your connection is not private” page. If you do not worry about this security issue click on the “Advanced” link. Finally click on “Proceed to (unsafe)”. […]

SSL Broken Again – Google’s POODLE Affects Oodles

Another challenge for internet security 97% of SSL web servers are likely to be vulnerable to POODLE, a vulnerability that can be exploited in version 3 of the SSL protocol. POODLE, in common with BEAST, allows a man-in-the-middle attacker to extract secrets from SSL sessions by forcing the victim’s browser into making many thousands of […]