On Tue 25 Mar 2014 at 23:16:04 +0100, Veljko wrote: > On 2014-Mar-25 20:37, Sven Joachim wrote: > > On 2014-03-25 17:23 +0100, Veljko wrote: > > > > > I wanted to test if ssl2 is turned off on server, so I tried with this > > > command line on my desktop: > > > > > > openssl s_client -connect server_ip:443 -ssl2 > > > > > > but I'm getting > > > > > > "unknown option -ssl2 > > > usage: s_client args" > > > > > > although displayed list of supported options list -ssl2 as valid. If > > > used with -ssl3 there is no error. > > > > > > > > > What could be the problem? openssl was built without ssl2 support? > > > > Exactly. From the Debian changelog: > > > > ,---- > > | openssl (1.0.0c-2) experimental; urgency=low > > | [...] > > | * Drop SSL2 support (Closes: #589706) > > | > > | -- Kurt Roeckx <k...@roeckx.be> Sun, 19 Dec 2010 16:24:16 +0100 > > `---- > > As last poster on that bug number asked, they should have removed it > from list of available options as well.
People forget things; like not doing a search with "openssl built without ssl2 support". Bug report? > Anyhow, what would be now apropiate way of testing if some web server > still supports ssl2? Any other tool that can be used? Rebuild the openssl package(s) with ssl2 support? -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/25032014230311.75690cce9...@desktop.copernicus.demon.co.uk
