How can I enable SSLv3 on IBM HTTP Server?

Question

Some of our customers visit the website by using SSL3.0，but fail. The log in ihs is as follows： "SSL0222W: SSL Handshake Failed, No ciphers specified (no shared ciphers or no shared protocols)" how can I solve this problem？

I have modified the configuration in the "httpd.conf" file to enable SSLv3.However, it does not achieve the desired results in implementation. The same problem still exists.

Now, the "httpd.conf" file as shown below,

Listen 443
<VirtualHost *:443>
        ServerName *:443
        SSLEnable<br/>
        SSLProtocolEnable SSLv3 TLSv1 TLSv11 TLSv12
        SSLProtocolDisable SSLv2
        SSLClientAuth none
        Keyfile      "..."
        SSLStashfile "..."
</VirtualHost>

score 2 · Accepted Answer · answered Jun 20 '19 at 10:58

2

You need to enable some ciphers for SSLv3 explicitly.

<VirtualHost *:443>
  SSLEnable
  SSLCipherSpec SSLv3 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA
  SSLProtocolEnable SSLv3
</VirtualHost>

You can see the differences in the output of apachectl -t -DDUMP_SSL_CONFIG before and after.

Obligatory mention: SSLv3 is horrifically out of date and shouldn't be used.

answered Jun 20 '19 at 10:58

covener

17,402
2
31
45

Thanks.After a while, we will ban the use of SSLv3. – Kin Jun 21 '19 at 01:49

How can I enable SSLv3 on IBM HTTP Server?

1 Answers1