New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Uses insecure SSLv3 #8842
Comments
Can you let me know the IP address of the server to reproduce the issue. |
The webdav server is Replying to [comment:5 dkocher]:
|
Attached debug output with SSL trace shows that
|
Also the trace shows that a
It looks to me that this server is configured to only accept TLSv1 but not later versions. |
|
oups, thanks a lot for your help. I haven't read correctly all the ssl dump file. Cyberduck supports TLS 1.2 and TLS 1.1. |
Would it possible to replace insecure SSLv3 with TLS1.1 or higher for the encryption ?
This is because our webdav server refuses (Heartbeat attack) any negotiation with SSLv3.
The SSL dump for Hello phase:
The text was updated successfully, but these errors were encountered: