https://bz.apache.org/bugzilla/show_bug.cgi?id=68863
Thomas Jarosch <thomas.jaro...@intra2net.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |thomas.jaro...@intra2net.co
| |m
--- Comment #1 from Thomas Jarosch <thomas.jaro...@intra2net.com> ---
Thanks for the report, I'm also seeing this.
Our automated QA suite for our distro identified the same issue. We
automatically test different ciphers. The DHE ciphers using TLS v1.2 no longer
work since upgrading from 2.4.58 to 2.4.59. Openssl version used is
openssl-1.1.1u here.
ECDHE ciphers still work, just DHE is affected. I've quickly browsed through
the 2.4.58..2.4.59 commits but didn't spot anything obvious. My gut feeling is
that it might be related to the changed openssl initialization, but that's a
wild guess.
This is our cipher configuration, DHE is de-prioritized to come last:
SSLCipherSuite
TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256
SSLProtocol -TLSv1 -TLSv1.1 +TLSv1.2 +TLSv1.3
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org
