Your system may need to disable SSLv3 depending on your Apache configuration. It is also important to note that older versions of Internet Explorer or other web browsers may not have the TLS protocol enabled by default. If for example, you disable SSL versions 2.0 or 3.0, you will need the older versions of Internet Explorer to allow the TLS protocol so you can connect with your site.
How to Disable SSLv3 Protocol
Locate the SSL Protocol Configuration on your Apache server.
Type either of the following commands:
grep -i -r "SSLProtocol" /etc/apache2
grep -i -r "SSLProtocol" /etc/httpd
Here, /etc/apache2 and /etc/httpd are the base directory for an Apache installation.
There are different default base directories and installation layouts for Apache in different operating systems, so you may need to check that out depending on the OS you are using.
If the earlier command doesn’t find the “SSLProtocol” string, then look for SSLEngine by running one of the following two commands:
grep -i -r "SSLEngine" /etc/apache2
grep -i -r "SSLEngine" /etc/httpd
This command will output the available Virtual Hosts or your config file.
Changing the Virtual Host to move SSLv3
Open the config file/Virtual Host in which you are to disable SSLv3 protocol.
In the SSL protocol configuration, add or update the following lines:
SSLProtocol all -SSLv2 -SSLv3
If you used the grep
-i -r "SSLEngine" command, you will need to search for
"SSLEngine On" and add
SSLProtocol all -SSLv2 -SSLv3 in the line just below it.
To do this, type the following command and run:
apachectl -k restart
After that, you will have been able to disable the SSL v3 protocol successfully.
At this point, you can go on with your work.