0

Title says the question. I am having difficulty finding the file (and am aware that it is disabled by default with SSL_OP_ALL). I am aware that the location will vary from server to server, but it should have at least a few common locations, and the file name shouldn't differ.

I am searching for this so that I can disable SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS to be PCI compliant (as a precaution against the BEAST attack).

jperezov
  • 133
  • 1
  • 7

1 Answers1

0

This option is enabled (or disabled) on a per-program basis. There isn't a magic configuration file you can edit to set it system-wide (and for some programs there isn't a configuration option at all - e.g. for Apache I believe it's hard-coded at compile time).

voretaq7
  • 79,879
  • 17
  • 130
  • 214