At least the qualys online test is only testing port 443 - could it be that you run your web-server on this port? If you run your web-server with e.g. mod-spdy you also have to update mod-spdy because it is built with its own openssl. This was a problem on my server too (not fedora or Centos tough) Regards Am 22.06.2014 03:36, schrieb Tora Tora Tora: > Basically, I am left to conclude that (1) the latest update on > Fedora/Centos does not patch CCS Injection vulnerability or (2) the test > is wrong--correction, both Tripwire and Qualys tests are wrong or (3) > between a Fedora and two Centos machines, one of which is really just a > test machine, all are out of wack or (4) something else is weird. > > Anyone else ran Qualys test on their "patched" Centos server? > > https://www.ssllabs.com/ssltest/analyze.html?d=YOUR_DOMAIN_NAME&hideResults=on > > Anyone else tried Tripwire on their "patched" Centos server? > > https://raw.githubusercontent.com/Tripwire/OpenSSL-CCS-Inject-Test/master/OSSL_CCS_InjectTest.py > > I would love to see if anyone else is getting the same warnings. > > Thanks... > > > On 06/21/2014 03:09 PM, Tora Tora Tora wrote: >> And now I have tried a reboot. No change. Weird ... > _______________________________________________ > tor-relays mailing list > tor-relays@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays