I'm attempting to disable SSLv2 from all the services providing SSL on this server (PCI requirements).
That's easy enough in Apache/Postfix/etc.
I see an option named "no_ssl2" I can disable in miniserv.conf.
Doing so seems to have no effect -- until I remove the eval() around "Net::SSLeay::CTX_set_options($ctx,&Net::SSLeay::OP_NO_SSLv2)" on line 34, at which point I can see that it's causing a segfault as Webmin starts up.
I'm trying this on CentOS 4. I originally tried that using the Virtualmin provided perl-Net-SSLeay-1.26 package -- but I later removed that and installed 1.35 from CPAN with no luck either, both segfault.
Using no_ssl2 on my Ubuntu 8.04 server has the same results, it also segfaults.
Any thoughts on where things might be going awry, or perhaps another way to disable SSLv2?