JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
 
Certificates
Our products range
Partners
Support
Focus


What are the risks linked to obsolete protocols (SSLv2, SSLv3, ...) ?

As everything linked to the IT world, aging protocols cause numerous problems regarding security matters. They are therefore updated regularly and the replaced to counter hackers looking for data to steel.

SSLv2 and SSLv3

SSLv2 has been created by Netscape in 1995 and SSLv3 by the same company in 1996. From the start, SSLv2 showed weaknesses and has quickly been replaced by SSLv3. TLS is now, and since several years, the standard.

Those protocols, too often used, are vulnerable to Man In The Middle (MITM) attacks allowing a third part to intercept, modify and decypher transferred data.

We advise our customers to disable these kind of protocols (see links below). Once done, check your sites with CopiBot.

Alert on Chrome



Since the version 39 of Chromium, a yello triangle appears on the padlock when the browsers spots the use of an outdated protocol such as SSLv3 or SSLv2.
Troubleshooting: see the links below to disable obsolete protocols on your servers



Since the version 41 of Chromium, a yellow triangle appears on the padlock when the certificate delivered by the server is still signed with SHA1 hash algorithm and expires after January 1st, 2017.
More about SHA1: Depreciation scheduled for 2017
Troubleshooting: Reissue the certificate in SHA256 or renew it.


2016-03-02 - DROWN Attack

A new attack recently published exploits SSLv2 support on servers. It concerns all protocoles based on SSL/TLS. Servers using Openssl versions inferior to 1.0.1f and 1.02g are especially vulnerable. We strongly recommend disabling SSLv2.

Useful links

External links