website logo
Auteur
avatar
sinisrus

Forum » » Logiciels » » IBrowse toujours pas mort!!??


Posté : 20-02-2016 11:15 icone du post

www.ibrowse-dev.net

---

19 Feb 2016IBrowse 2.4, AmiSSL 3.6 and the POODLE attack

I'm sure you are all well aware that many secure websites are normally not reachable with IBrowse 2.4 any longer, due to servers shutting off SSLv2 and SSLv3 connections due to the POODLE attack. However, there is a solution...

This is delayed advice, as I have only just realised it was possible: contrary to the previous news item, you should enable both "SSLv2 support" and "SSLv3 support" on the "Security" page of the IBrowse preferences. You must then also enter the following command in a shell:

setenv save AmiSSL/SSL_CLIENT_VERSION tls1

This will force any most applications that use AmiSSL, including IBrowse, to disable both SSLv2 and SSLv3, and use more secure TLSv1 connections instead.

This issue will be properly addressed in IBrowse 2.5 and a new version of AmiSSL.

--
Coin coin... amitheme.amiga-ng.org
Sam460 1,15Ghz - OS4.1FE - Radeon Saphir HD7750 R7 250E - 2Go de ram

Cet article provient de Le site des utilisateurs francophones actuels et futurs d'AmigaOS 4.x
https://amiga-ng.org/viewtopic.php?topic=2251&forum=4