Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Sven Crul
Why does the server offers sslv3 when I Only enable SSLv3 :-s SSL_PROTOCOL SSLv3 From: Eric Covener To: users@httpd.apache.org Cc: Christopher Schultz Date: 10/02/2017 13:48 Subject:Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Eric Covener
On Fri, Feb 10, 2017 at 3:29 AM, Sven Crul wrote: > I cannot get the server to offer SSLV3 when TLS is enabled (Any TLS ) > when I do ssl protocol SSLv3 then sslv3 works but from the moment I add TLS > , SSLv3 no longer works > ​Debian compiles openssl w/o SSLv3 support. You'll need to build a

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Sven Crul
7-02-10 9:29 GMT+01:00 Sven Crul To: "" Date: 10/02/2017 10:00 Subject: Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled do you change SSLCipherSuite?, show us which one you have 2017-02-10 9:29 GMT+01:00 Sven Crul : Hi, First off all Thanks ,

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Sven Crul
k with > https://mozilla.github.io/server-side-tls/ssl-config-generator/ From: Christopher Schultz Reply: users@httpd.apache.org  Date: 10 February 2017 at 12:15:30 AM To: users@httpd.apache.org  Subject:  Re: [users@httpd] apache 2.4.10 sslv3 not offering wh

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Daniel
t; ]Mitchell Krog Photography ---10/02/2017 > 08:26:09---Your SSL config for Apache 2.4.10 should be as follows > > > From: Mitchell Krog Photography > To: Christopher Schultz , > users@httpd.apache.org > Date: 10/02/2017 08:26 > Subject: Re: [users@httpd] apache 2.4.10 sslv3

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-10 Thread Sven Crul
longer works Sven From: Mitchell Krog Photography To: Christopher Schultz , users@httpd.apache.org Date: 10/02/2017 08:26 Subject:Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled Your SSL config for Apache 2.4.10 should be as

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-09 Thread Mitchell Krog Photography
apache 2.4.10 sslv3 not offering when tls is enabled -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 2/9/17 4:53 PM, Daniel wrote: > Try manually: > > SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2 And, please, for the love of god, add these, too: SSLHonorServerOrder On SSLCipherSuite

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-09 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Daniel, On 2/9/17 4:53 PM, Daniel wrote: > Try manually: > > SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2 And, please, for the love of god, add these, too: SSLHonorServerOrder On SSLCipherSuite TLSv1.2:TLSv1.1:TLSv1:SSLv3 This will cause "better" cip

Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-09 Thread Daniel
Try manually: SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2 2017-02-09 17:30 GMT+01:00 Sven Crul : > Hi, > > > I switch to debian with apache 2.4.10 where I need sslv3 for backwards > compatibility with some OLD clients > > I use openssl 1.0.1t (latest stable for debian) > > > with the settings "sslp

[users@httpd] apache 2.4.10 sslv3 not offering when tls is enabled

2017-02-09 Thread Sven Crul
Hi, I switch to debian with apache 2.4.10 where I need sslv3 for backwards compatibility with some OLD clients I use openssl 1.0.1t (latest stable for debian) with the settings "sslprotocol all" in ssl.conf sslv3 is not offered with the setting "sslprotocol sslv3" in ssl.conf it works but