There are 2 posts tagged PCI compliance (this is page 1 of 1).
SSL v2 is weak and outdated protocol. All modern browsers and applications support SSL v3 and that’s why you should disable SSL v2 where possible.
Using this command you can check if SSL v2 is enabled:
openssl s_client -connect www.example.org:443 -ssl2
SSL v2 is weak and outdated protocol. All modern browsers support SSL v3 and it’s enabled by default on Windows 2008 (IIS 7 / IIS 7.5). To make sure all clients are using SSL v3 we must disable SSL v2. This is required for PCI compliance. Continue reading