Hello All,
I have a openfire 3.9.x installation on an ubuntu server, I am running openssl version 1.0.1c, and ubuntu server version 12.10. The server is running Oracle 7 JDK for its java runtime enviroment.
I have a CA Signed certificate via PositiveSSL that is installed in Openfire, and working properly.
However, my question is how to disable SSLv3, and enable TLS 1.2?
I have been using a server scanner, which shows that my server has SSLv3 enabled, and TLS 1.1 and 1.2 disabled.
Along with this, but not to get too far off topic, I have noticed three insecure cyphers are currently enabled as well, and would like to disable them. The three in question are:
ECDHE-RSA-DES-CBC3-SHA(0xc012)
EDH-RSA-DES-CBC3-SHA(0x16)
DES-CBC3-SHA(0xa)
I look foreward to hearing from you, if you require any further information, just ask.