I can get there from my MWG running 7.6.1, but I imagine it works on 7.5.2 as well. 7.5.2 is when we added support for elliptic curve ciphers.
Have you configured your MWG to protect against POODLE? If MWG is offering SSLv3 some servers will reject the handshake outright:
Many thanks for your reply. I understand that the web gateway from version 7.5.2 onward provides another openssl version and therefore also enlarged support for stong(er) ciphers. Could u provide me the output of "openssl version" on the 7.6.1 system? We scheduled an upgrade to the latest version later this year.
Yes, we protected our ww against the poodle attack. SSLv3 is definitely over ...
Here is the version info:
OpenSSL 1.0.1q-fips 3 Dec 2015
For reference 7.5.1 is a controlled release that is ok to run for a little while, but it's assumed that you upgrade to the main release once it comes out. Maybe you know this maybe you dont, here is the obligatory upgrade guide:
Jon, we scheduled an update to 7.5.2 for January this year. After I have gone through the release notes I had to recognize that there are no improvements which would affect us in any kind ... so I decided to reschedule the upgrade for later on this year. If I had knew about the added support for ECC I would have done the update ... did not read anything in the notes as I can remember
However, many thanks for your support.