Webmin PCI Compliance

PCI compliance! Just the phrase is enough to ruin one’s day. But fear not, here is some handy info on what I’ve learned.

For Webmin, you should:

  1. Go to Webmin -> Webmin Configuration -> SSL Encryption
  2. Enter this into Allowed SSL Ciphers field: “ALL:!ADH:!LOW:!MEDIUM:!SSLv2:!EXP:+HIGH”
  3. Set SSL protocol version to “3”

To confirm that SSLv2 is not allowed, run this from the command line:

openssl s_client -connect localhost:10000 -ssl2

The output should include a line containing “error”, which verifies that the SSLv2 connection was refused.
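
The cipher string from step 2 can be linted before it is pasted into Webmin. The script below is an added example, not part of the original post or of Webmin; the names `REQUIRED`, `missing_exclusions` and `describe_token` are made up for illustration. It relies on OpenSSL's cipher-string operators: `!` removes a class permanently, `-` removes it but lets a later token add it back, and `+` only moves already-selected ciphers to the end of the list.

```shell
#!/bin/sh
# Added example: lint an OpenSSL cipher string before using it in Webmin.
# REQUIRED holds the classes that the string on this page excludes.
REQUIRED="ADH LOW MEDIUM SSLv2 EXP"

# Print the classes in REQUIRED that the cipher string does not exclude
# permanently with "!". Returns 0 only when none are missing.
missing_exclusions() {
    # OpenSSL accepts ":", "," and space as separators; normalise to ":".
    norm=":$(printf '%s' "$1" | tr ', ' '::'):"
    missing=""
    for class in $REQUIRED; do
        case $norm in
            *":!$class:"*) ;;                    # permanently excluded
            *) missing="$missing $class" ;;      # absent, or only "-class"
        esac
    done
    missing=${missing# }
    printf '%s\n' "$missing"
    [ -z "$missing" ]
}

# Describe what a single token does to the cipher list.
describe_token() {
    case $1 in
        '!'*) echo "exclude-permanently ${1#?}" ;;
        -*)   echo "remove-but-can-return ${1#?}" ;;
        +*)   echo "move-to-end ${1#?}" ;;
        *)    echo "add $1" ;;
    esac
}

# The string from step 2 of this page.
PAGE_SPEC='ALL:!ADH:!LOW:!MEDIUM:!SSLv2:!EXP:+HIGH'
for token in $(printf '%s' "$PAGE_SPEC" | tr ':' ' '); do
    describe_token "$token"
done
missing_exclusions "$PAGE_SPEC" >/dev/null && echo "all required classes excluded"
```

A string that uses `-LOW` instead of `!LOW` is reported as missing the exclusion, because a later token could bring those ciphers back.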