要缓解SWEET32攻击(CVE-2016-2183),请使用3DES密码套件 与RC4一样,默认情况下已被禁用并从DEFAULT中删除. 请参阅下面的RC4项以重新启用两者. ... 基于RC4的libssl密码套件现在被归类为弱"密码,并且 默认禁用. 可以使用 enable-weak-ssl-ciphers选项以配置. To mitigate the SWEET32 attack (CVE-2016-2183), 3DES cipher suites have been disabled by default and removed from DEFAULT, just like RC4. See the RC4 item below to re-enable both. ... RC4 based libssl ciphersuites are now classed as "weak" ciphers and are disabled by default. They can be re-enabled using the enable-weak-ssl-ciphers option to Configure. 这篇关于SSL v3握手失败(但仅在更新版本的OpenSSL中)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!
09-26 16:22