Making your ssl.conf compliant for pci.
By default your ssl.conf usually includes weak protocols this will not pass a pci audit the fix is easy.
1. Make a back up of your current ssl.conf for roll back purposes
cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.`date +%y%m%d%H%M%S`
2. Verify your back up was created as expected
ls -l /etc/httpd/conf.d/ | grep ssl.conf
3. Edit the protocol and ciphersuite lines
/etc/httpd/conf.d/ssl.conf
comment out
#SSLProtocol all –SSLv2
#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
Add in
SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
4. Restart Apache
service apache restart
or
service httpd restart