Qualys reports F for our SSL certs

aturhan · April 20, 2018, 5:55pm

Hi,

After looking at the report, I think the reason why our qualys reports end up in F is because options-ssl-apache.conf is not read properly because it’s complaining that we are using SSLv3, etc… We have a proxy server in front of our apache, so ssl is served from 444. Is this the reason why? Do I have to do something in apache config file so that options-ssl-apache.conf is included. Sorry I don’t even know how to ask this question properly, my English is limited. Please let me know if you need clarification. Thanks in advance.

ps. Qualys reports says:

This server supports insecure cipher suites (see below for details). Grade set to F.
This server accepts RC4 cipher, but only with older protocols. Grade capped to B.

rg305 · April 20, 2018, 6:22pm

You should disable SSLv3 on whichever server is connected from the Internet over port 443.
OR just disable SSLv3 on all systems; as that is a very outdated protocol.

system · May 20, 2018, 6:23pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Qualys is giving B rating to SSL and error in (SHA1withRSA) Help	6	1610	August 10, 2017
I have updated openssl-1.0.1e to openssl-1.0.1t but I am still getting an F rating Help	10	2847	August 26, 2016
CertBot auto configuration for Apache - TLS 1.0 and 1.1 Help	2	2019	August 22, 2019
[ssllabs.com]Grade capped to C Server	6	1878	September 4, 2016
F Rating for helloworld.letsencrypt.org on Qualys SSL Labs [Fixed] Site Feedback	9	5723	July 9, 2016

Qualys reports F for our SSL certs

Related topics