Aus Siwecos
Version vom 7. Mai 2020, 11:40 Uhr von Siwebot (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Wechseln zu: Navigation, Suche

Check for outdated SSL3 protocol

If the result is positive, there is no need for further action. If the result is negative, please read the following instructions.

Result positive Outdated protocol version SSL3 not supported.
Result negativ Outdated protocol version SSL3 supported.
Description The server supports the outdated SSL3 protocol version, which is considered highly insecure. By using this version you massively endanger the security of the connections to this server.
Background SSL (Secure Sockets Layer) stands for a hybrid encryption protocol for secure data transmission on the Internet and serves as the basis for secure access via HTTPS. The SSL3 version dates from 1995 and has not been officially supported since 2015. The term SSL has since been replaced by the term TLS (Transport Layer Security). The SSL3 gap became particularly known through POODLE. By using SSL3, the confidentiality of the connections can no longer be guaranteed.
Consequence By offering SSL3 on the server side, you allow attacks on connections with older clients. This allows an attacker to potentially decrypt parts of the connection and steal customer data.
Solution/Tips If Outdated protocol version SSL3 supported was reported: TLS encoding is considered to be the standard today. Therefore you should not use SSL3.