AnsweredAssumed Answered

POODLE + Extra Certs - 09/12/14

Question asked by Chris Peacock on Dec 9, 2014
Latest reply on Dec 11, 2014 by noneofthat

Good morning,

 

I've tested one of our SSLs and only SSL3.0 is showing as insecure. So, despite this latest vulnerability announcement (08/12/14) does this mean we're not affected by the latest announcement?

 

ProtocolsTLS 1.2Yes

TLS 1.1Yes

TLS 1.0Yes

SSL 3   INSECUREYes

SSL 2No

Also, we have a message about "Extra Certs". Using Verisign to sign the SSL, we always install the root certificate and the two intermediates from Verisign. So, 3 in total. Now your SSL Labs is showing as Extra Certs.
Please advise the above.
Thanks
Chris

Outcomes