I am trying to disable sslv2 completely. When I run scan from http://ssllabs.com, "SSL 2.0+ upgrade support" is marked as yes. I want to disable this too.

I found an answer at http://forum.nginx.org/read.php?2,104032 when searching for the same.

Have a naive question on this. Obviously just creating /etc/ssl/openssl.cnf is not enough to disable sslv2 handshake. Does one need to re-key his certificate ? Can someone please list out all steps to disable sslv2 handshake ?

Thanks,
Bhargava

My env: nginx 1.0.11 and openssl "OpenSSL 1.0.0e-fips 6 Sep 2011". I have added the following line to my nginx conf, "ssl_protocols SSLv3 TLSv1;"