Hello there, Thanks for answering so quickly! I’m trying to use the older variants method before I upgrade the Calendar server completely. But in this patch, isn’t the best method TLSv1? and not SSLv23? Pascal Le 2014-10-16 à 12:42, Cyrus Daboo <cdaboo@apple.com> a écrit :
Hi Pascal,
--On October 16, 2014 at 12:38:37 PM -0400 Pascal Dallaire <pascaldallaire@cre-gim.net> wrote:
What is the way to disable SSLv3 in CalendarServer to protect against POODLE?
Our trunk code has the fix. The svn diff for the change is here:
<https://trac.calendarserver.org/changeset/14035>
Depending on what version you are using, you should be able to apply that change relatively easily. Older variants might also need the following applied:
<https://trac.calendarserver.org/changeset/14062>
-- Cyrus Daboo