check_http - support TLS v1.2 (#1338)

Stuart Henderson stu at
Fri Aug 28 09:34:18 CEST 2015

On 2015-08-27, Jason Wilkinson <notifications at> wrote:
> Some QSAs are starting to vail PCI scans when TLSv1 is enabled. They've
> already disallowed SSLv2 and SSLv3. That means that there are no checks that
> would be available via SSL with this command unless it's extended to support
> TLSv1.1 and TLSv1.2. This needs to be updated for this plugin to be useful
> in any environment that has PCI implications. 

It should still connect when you use auto-negotiation.

More information about the Devel mailing list