How to Disable SSLv3 on Lighttd Web Server

 Follow these steps if SSLv3 should be disabled on appliances running 1.5.   

  1. Login with ssh admin@x.x.x.x

  2. Sudo -s

  3. Type admin password

  4. Open with vi /etc/lighttpd/lighttpd.conf

  5. Search for this directive ssl.engine = "enable"directive

  6. Then add these directives

    1. ssl.use-sslv2          = "disable"

    2. ssl.use-sslv3          = "disable"

    3. Then save and quit

  7. Systemctl restart lighttpd  (this restarts the service)

  8. Now Test SSLv3 is disabled using this procedure

  9. openssl s_client -connect x.x.x.x:443 -ssl3

    1. Output on failure to connect should look like below

    2. CONNECTED(00000003)

    3. 139648151238288:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1293:SSL alert number 40
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Powered by Zendesk