即使在 tomcat 6 服务器 xml 更改 TLSv1 后,SSLv3 似乎也没有被禁用

即使在 tomcat 6 服务器 xml 更改 TLSv1 后,SSLv3 似乎也没有被禁用

即使进入服务器.xmlsslProtocol="TLSv1"我们进行漏洞检查时,以下是输出的详细信息。

# /usr/sfw/bin/

> openssl s_client -connect ipaddress:portNo -ssl3

CONNECTED(00000003)

verify error:num=19:self signed certificate in certificate chain

verify return:0
---
Certificate chain
---
Server certificate
printed even the certificate
---
No client certificate CA names sent
---
SSL handshake has read 3040 bytes and written 442 bytes
---
New, TLSv1/SSLv3, Cipher is AES128-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
SSL-Session:
    Protocol  : SSLv3
    Cipher    : AES128-SHA
    Session-ID: 5719C37963ED3152FBE0543342EF2327303E66D3B8E32F020729D105A669AB04
    Session-ID-ctx:
    Master-Key: 3A31836C1C6DD8550B76051F8890073B7571B3C4DFC5F88B60D8FD2A3EA38BC00D845E16D6A9E134EF9B5BD79DD68B6F
    Key-Arg   : None
    Start Time: 1461306233
    Timeout   : 7200 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)

有人可以建议如何解决这个问题吗?

相关内容