Home page logo
/

nmap-dev logo Nmap Development mailing list archives

Re: secwiki.org: ssl_error_no_cypher_overlap
From: Fyodor <fyodor () nmap org>
Date: Fri, 10 Jan 2014 13:47:53 -0800

On Thu, Jan 9, 2014 at 8:46 AM, Jacek Wielemborek <d33tah () gmail com> wrote:

Hi,

I recently visited https://www.howsmyssl.com/ and found that my Firefox
has
SSL/TLS configured to use insecure ciphers. I did a bit of searching and
found
ways to disable them, and add some other tweaks, but then I discovered
that I
can't visit https://secwiki.org anymore. I suppose that the reason is
that the
server is not configured to support TLS 1.2. Is it possible that it's due
to
misconfiguration of the web server?


Well, we have this entry in the Nmap todo which we still need to do:

o Web: We should probably distribute RapidSSL intermediate certificate
  on SecWiki so it is trusted even if browsers don't have that cert
  cached.  Here's a page nothing the issue:
  https://www.ssllabs.com/ssltest/analyze.html?d=secwiki.org
  - We probably need to add an entry in apache conf after
  SSLCertificateFile which looks something like:
  SSLCertificateChainFile /etc/apache2/rapidssl.pem


That might be the problem and we are planning to address it soon.  If you
find another SSL-related issue on the site though, let us know and we'll
try to fix that too.

Cheers,
Fyodor
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]