https://bz.apache.org/bugzilla/show_bug.cgi?id=68863
Thomas Jarosch <thomas.jaro...@intra2net.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |thomas.jaro...@intra2net.co | |m --- Comment #1 from Thomas Jarosch <thomas.jaro...@intra2net.com> --- Thanks for the report, I'm also seeing this. Our automated QA suite for our distro identified the same issue. We automatically test different ciphers. The DHE ciphers using TLS v1.2 no longer work since upgrading from 2.4.58 to 2.4.59. Openssl version used is openssl-1.1.1u here. ECDHE ciphers still work, just DHE is affected. I've quickly browsed through the 2.4.58..2.4.59 commits but didn't spot anything obvious. My gut feeling is that it might be related to the changed openssl initialization, but that's a wild guess. This is our cipher configuration, DHE is de-prioritized to come last: SSLCipherSuite TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256 SSLProtocol -TLSv1 -TLSv1.1 +TLSv1.2 +TLSv1.3 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org For additional commands, e-mail: bugs-h...@httpd.apache.org