webmin

Mine was, but the fix was pretty straightforward.

  1. In Webmin go to Webmin -> Webmin Configuration -> SSL Encryption
  2. Enter the following into the Allowed SSL Ciphers field:
    ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM

    I grabbed this string from the hardened Apache SSL config provided by the excellent Atomic Secured Linux.
  3. Restart Webmin and you should be good to go.
  4. You can test that you were successful by following the instructions in the blog post referenced below.
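
A local check of what the cipher string from step 2 expands to, as an added example that is not part of the original post. It uses Python's standard `ssl` module, so the result reflects the OpenSSL build Python is linked against (an assumption: the OpenSSL that Webmin uses may differ); the function names and the "anonymous" category, which goes beyond the classes the string names, are illustrative.

```python
import ssl

# Cipher string from step 2 of the post.
PAGE_CIPHERS = "ALL:!ADH:!LOW:!SSLv2:!EXP:+HIGH:+MEDIUM"


def expand(cipher_string):
    """Return the suites the local OpenSSL build enables for cipher_string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx.get_ciphers()


def audit(cipher_string):
    """Group enabled suites that fall into a weak class, by class name."""
    findings = {"adh": [], "export": [], "low": [], "anonymous": []}
    for suite in expand(cipher_string):
        name = suite["name"]
        if name.startswith("ADH-"):            # anonymous Diffie-Hellman
            findings["adh"].append(name)
        if name.startswith("EXP"):             # export-grade suites
            findings["export"].append(name)
        if suite["strength_bits"] < 112:       # 56/64-bit and weaker
            findings["low"].append(name)
        # Broader than !ADH: any suite with no authentication at all.
        # OpenSSL's aNULL keyword covers anonymous DH and anonymous ECDH.
        if "Au=None" in suite["description"]:
            findings["anonymous"].append(name)
    return findings


if __name__ == "__main__":
    print(ssl.OPENSSL_VERSION)
    for label, string in (("post", PAGE_CIPHERS),
                          ("post + !aNULL", PAGE_CIPHERS + ":!aNULL")):
        print(label, len(expand(string)), "suites", audit(string))
```

Any name listed under "anonymous" for the post's string is a suite that `!ADH` did not exclude on that build; the second run shows the same string with `!aNULL` appended.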

References:
Disable SSLv2 in Webmin | Noodles’ Blog.

Addendum:

After a bit more use/testing of these changes, it turns out this interfered with Eclipse/Trac/Mylyn when connecting to this server/repo.

I’ve just figured out that to get this 100% happy, I needed to force the SSL version to 3 rather than 2 to make them happy… and of course PCI compliance tests still pass.

SSL weak cipher fixes


Jonathan Adjei
