AnsweredAssumed Answered

[Improvement suggestion] Warn SNI sites that they should not be compatible with SSL 2 handshakes

Question asked by Adm Selec on Feb 8, 2015
Latest reply on Feb 8, 2015 by Adm Selec

Since SSLv2 ClientHello doesn't contain extensions, for SNI-only site it is inconsistent to support SSL 2 handshake. There is already a note that SSL protocol doesn't support SNI, the same should be for SSL 2 handshake.



SNI SSL3.png

SNI SSL3 details.png




SNI SSL 2 handshake.png


And here questions arise:

1. Why does my server support SSL 2 handshake? I have SSL 2 disabled!!!11


See here:

tls - Why clients offer handshaking with SSL 2.0 protocol - Information Security Stack Exchange

security - Why is the handshake protocol sslv3 when the client hello is sslv2 - Stack Overflow


2. How do I turn it off? Should I change OpenSSL settings? Or recompile it with some specific options? Or should I manually modify the source?


Still confusing for me.

nginx developer suggested installing OpenSSL with FIPS support, when admin had asked: how to deny the SSL v2.0 handshake when SSL v2.0 is disabled

But I have seen some servers with SSL 2 handshake compatibility and OpenSSL-FIPS in their signatures.


Also it is confusing to have a FIPS compliant server with a usual OpenSSL version, since there is SSL 2 handshake support.

Is SSLv3 really not FIPS 140-2 compliant?

My web server is PCI and FIPS compliant:


I do not have any special OpenSSL build on that server, it is the latest general release of OpenSSL.


Main things:


- SSL2 and SSL3 are not allowed

If SSL is not allowed, why "SSL 2 handshake compatibility YES"?


Looking for this stuff currently:

SSLv23_client_method - create a new SSL_CTX object as framework for TLS/SSL enabled functions

Justin Bull on Twitter: "@matthew_d_green SSLv23_method() then setting SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 is a horrible w…