VirtualMin SSL v3 Poodle Fix VirtualMin SSL v3 Poodle Fix

POODLESSLv3UserminVirtualMinWebmin
Posted on | by admin

 

Apache

In RHEL/CentOS, edit /etc/httpd/conf.d/ssl.conf.

In Ubuntu/Debian, edit /etc/apache2/mods-enabled/ssl.conf.

Look for a line beginning with SSLProtocol, it should look something like this:

SSLProtocol all -SSLv2

You need to modify it to look like this:

SSLProtocol all -SSLv2 -SSLv3

And then restart Apache:

RHEL/CentOS: /etc/init.d/httpd restart

Ubuntu/Debian: /etc/init.d/apache2 restart

Webmin/Virtualmin

Webmin will correct this issue automatically in the future. In the meantime, to disable SSLv3, edit this file:

/etc/webmin/miniserv.conf

And add the following line to the end:

ssl_version=10

Then restart Webmin:

/etc/init.d/webmin restart

Usermin

Edit this file:

/etc/usermin/miniserv.conf

And add the following line to the end:

ssl_version=10
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+SSLv3:!SSLv2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Then restart Usermin:

/etc/init.d/usermin restart

 

Webmin

Edit this file:

/etc/webmin/miniserv.conf

And add the following line to the end:

ssl_version=10
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+SSLv3:!SSLv2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Then restart Usermin:

/etc/init.d/webmin restart

 

Creds: https://www.virtualmin.com/node/34811

Leave a Reply