Nmap Development mailing list archives
Re: secwiki.org: ssl_error_no_cypher_overlap
From: Fyodor <fyodor () nmap org>
Date: Fri, 10 Jan 2014 13:47:53 -0800
On Thu, Jan 9, 2014 at 8:46 AM, Jacek Wielemborek <d33tah () gmail com> wrote:
Hi, I recently visited https://www.howsmyssl.com/ and found that my Firefox has SSL/TLS configured to use insecure ciphers. I did a bit of searching and found ways to disable them, and add some other tweaks, but then I discovered that I can't visit https://secwiki.org anymore. I suppose that the reason is that the server is not configured to support TLS 1.2. Is it possible that it's due to misconfiguration of the web server?
Well, we have this entry in the Nmap todo which we still need to do: o Web: We should probably distribute RapidSSL intermediate certificate on SecWiki so it is trusted even if browsers don't have that cert cached. Here's a page nothing the issue: https://www.ssllabs.com/ssltest/analyze.html?d=secwiki.org - We probably need to add an entry in apache conf after SSLCertificateFile which looks something like: SSLCertificateChainFile /etc/apache2/rapidssl.pem That might be the problem and we are planning to address it soon. If you find another SSL-related issue on the site though, let us know and we'll try to fix that too. Cheers, Fyodor _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- secwiki.org: ssl_error_no_cypher_overlap Jacek Wielemborek (Jan 09)
- Re: secwiki.org: ssl_error_no_cypher_overlap Fyodor (Jan 10)