Oktober 2022
Mo	Di	Mi	Do	Fr	Sa	So
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Recent entries

Was ist Digitalisierung?
Jitsi Meet RPM packages for RHEL/CentOS/OEL 7
Power Measuring several SSDs (Crucial, Kingston, Apacer)
Power Measuring Crucial BX500 240
Power Measuring Kingston A400 480 and Samsung MZ7LN128
Power Measuring Patriot Burst 480 and WD WD10SPZX
Power Measuring Patriot Burst 240 and Verbatim Vi500 S3 240/480
ODROID GO as network tool
Workaround for Unity installation issue "not enough space"
RHEL 5 dovecot fix for CVE-2019-11500
Intel/Altera Quartus FPGA suite RPM repository
Power Measuring Kingston A400 240 GB
Power Measuring Patriot Burst 120 GB
Power Measuring Seagate ST1000LM048
Power Measuring Toshiba MQ02ABD100H

tuxad blog

Syndicate

Site (RSS, Atom)

Contact

Frank Bergmann

Weblog status

Total entries: 78
Last entry: 2022-10-16 13:52:24
Last updated: 2022-10-16 14:12:58

2014-11-20 23:50:18

jabberd with FS and without SSL3

This post is an update to my post about enabling forward secrecy in jabberd.

If you use a stock Red Hat / Centos 5 OpenSSL package then you will maybe notice that SSL3 is still enabled. This will be "punished" by the IM Observatory. In order to manually disable the ancient SSLv2 and SSLv3 protocols you just need an extra call of SSL_CTX_set_options.

This is included in a new version of the forward secrecy patch. A binary RPM package for RHEL / Centos 5 and a source RPM package are also available.

If you use the additional OpenSSL 1.0.1 package on RHEL / Centos 5 then you should use the special jabberd-openssl1 package (SRPM) which gives you also TLS 1.1 and TLS 1.2 and even more points on the IM Observatory.

Update 2015-08-09: The package is included in the tuxad repo.

Posted by Frank W. Bergmann | Permanent link | File under: c, ssl, encryption, rpm, yum, repository, redhat, openssl, jabber