12-07-2007 12:54 PM
I justed talked with the scanning company and said that they can’t connect sslv2 but they are able to pull the certificate with openssl and this why we are failing. Here is how they are testing using openssl client:
openssl s_client -host www.mysite.com -port 443 -ssl2
Does anyone have any idea how to block this?
I have applied the AppRules given to me by JTAC forcing SSLv23 browers to SSLv3 but when this scanning company test using their openssl they are still pulling the cert.
12-07-2007 04:08 PM
I would consider this a false positive in the testing tool.
If you have any more questions or concerns let me know.
Manager, Technical Marketing
DX Application Acceleration and Load Balancing