Re: [users@httpd] SSLProtocol and TLSv1

2016-07-14 Thread Phil Smith
t; > > > Are there any interim gateway devices? > > > > If so – do they manage SSL offloading? > > > > Theo > > > > *From:* Phil Smith [mailto:philbo...@gmail.com] > *Sent:* 13 July 2016 21:47 > *To:* users@httpd.apache.org > *Subject:* [users@httpd

Re: [users@httpd] SSLProtocol and TLSv1

2016-07-14 Thread Rajesh Tammineni
Check if there is any load balancer to your public ip. If it is then you need to check the SSL settings on load balancer side. Thanks Raj > On 14 Jul 2016, at 4:53 AM, Phil Smith wrote: > > No. SSLProtocol is configured properly for each VirtualHost section including > the default. > >> On W

RE: [users@httpd] SSLProtocol and TLSv1

2016-07-14 Thread Theo Sweeny
] Sent: 13 July 2016 21:47 To: users@httpd.apache.org Subject: [users@httpd] SSLProtocol and TLSv1 I'm running Apache distributed via CentOS6: Server: Apache/2.2.15 (CentOS) I'm attempting to disable TLSv1.0 in ssl.conf using either of: SSLProtocol all -SSLv2 -SSLv3 -TLSv1 or SSLProtoco

Re: [users@httpd] SSLProtocol and TLSv1

2016-07-13 Thread Frank Gingras
That won't work. You must define it in the global scope. If you have several ssl vhosts and only set SSLProtocol in the vhost context, the value from the first vhost would take precedence. On Wed, Jul 13, 2016 at 4:53 PM, Phil Smith wrote: > No. SSLProtocol is configured properly for each Virtu

RE: [users@httpd] SSLProtocol and TLSv1

2016-07-13 Thread Houser, Rick
com] > Sent: Wednesday, July 13, 2016 16:49 > To: users@httpd.apache.org > Subject: Re: [users@httpd] SSLProtocol and TLSv1 > > On Wed, Jul 13, 2016 at 4:46 PM, Phil Smith wrote: > > Either setting seems to work in disabling TLSv1 if the apache server is > > requested via privat

Re: [users@httpd] SSLProtocol and TLSv1

2016-07-13 Thread Phil Smith
No. SSLProtocol is configured properly for each VirtualHost section including the default. On Wed, Jul 13, 2016 at 4:48 PM, Eric Covener wrote: > On Wed, Jul 13, 2016 at 4:46 PM, Phil Smith wrote: > > Either setting seems to work in disabling TLSv1 if the apache server is > > requested via priv

Re: [users@httpd] SSLProtocol and TLSv1

2016-07-13 Thread Eric Covener
On Wed, Jul 13, 2016 at 4:46 PM, Phil Smith wrote: > Either setting seems to work in disabling TLSv1 if the apache server is > requested via private IP address. > > However, neither seem to work in disabling TLSv1 if the apache server is > requested via public IP address. Maybe you have SSL enab

[users@httpd] SSLProtocol and TLSv1

2016-07-13 Thread Phil Smith
I'm running Apache distributed via CentOS6: Server: Apache/2.2.15 (CentOS) I'm attempting to disable TLSv1.0 in ssl.conf using either of: SSLProtocol all -SSLv2 -SSLv3 -TLSv1 or SSLProtocol +TLSv1.1 +TLSv1.2 Either setting seems to work in disabling TLSv1 if the apache server is requested via pr