Why does the server offers sslv3 when I Only enable SSLv3 :-s
SSL_PROTOCOL SSLv3
From: Eric Covener
To: users@httpd.apache.org
Cc: Christopher Schultz
Date: 10/02/2017 13:48
Subject:Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is
enabled
On Fri, Feb 10, 2017 at 3:29 AM, Sven Crul wrote:
> I cannot get the server to offer SSLV3 when TLS is enabled (Any TLS )
> when I do ssl protocol SSLv3 then sslv3 works but from the moment I add TLS
> , SSLv3 no longer works
>
Debian compiles openssl w/o SSLv3 support. You'll need to build a
7-02-10 9:29 GMT+01:00 Sven Crul
To: ""
Date: 10/02/2017 10:00
Subject: Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is
enabled
do you change SSLCipherSuite?, show us which one you have
2017-02-10 9:29 GMT+01:00 Sven Crul :
Hi,
First off all Thanks ,
k with >
https://mozilla.github.io/server-side-tls/ssl-config-generator/
From: Christopher Schultz
Reply: users@httpd.apache.org
Date: 10 February 2017 at 12:15:30 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] apache 2.4.10 sslv3 not offering wh
t; ]Mitchell Krog Photography ---10/02/2017
> 08:26:09---Your SSL config for Apache 2.4.10 should be as follows
>
>
> From: Mitchell Krog Photography
> To: Christopher Schultz ,
> users@httpd.apache.org
> Date: 10/02/2017 08:26
> Subject: Re: [users@httpd] apache 2.4.10 sslv3
longer works
Sven
From: Mitchell Krog Photography
To: Christopher Schultz ,
users@httpd.apache.org
Date: 10/02/2017 08:26
Subject:Re: [users@httpd] apache 2.4.10 sslv3 not offering when tls is
enabled
Your SSL config for Apache 2.4.10 should be as
apache 2.4.10 sslv3 not offering when tls is
enabled
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 2/9/17 4:53 PM, Daniel wrote:
> Try manually:
>
> SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2
And, please, for the love of god, add these, too:
SSLHonorServerOrder On
SSLCipherSuite
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Daniel,
On 2/9/17 4:53 PM, Daniel wrote:
> Try manually:
>
> SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2
And, please, for the love of god, add these, too:
SSLHonorServerOrder On
SSLCipherSuite TLSv1.2:TLSv1.1:TLSv1:SSLv3
This will cause "better" cip
Try manually:
SSLProtocol SSLv3 TLSv1 TLSv1.1 TLSv1.2
2017-02-09 17:30 GMT+01:00 Sven Crul :
> Hi,
>
>
> I switch to debian with apache 2.4.10 where I need sslv3 for backwards
> compatibility with some OLD clients
>
> I use openssl 1.0.1t (latest stable for debian)
>
>
> with the settings "sslp
Hi,
I switch to debian with apache 2.4.10 where I need sslv3 for backwards
compatibility with some OLD clients
I use openssl 1.0.1t (latest stable for debian)
with the settings "sslprotocol all" in ssl.conf sslv3 is not offered
with the setting "sslprotocol sslv3" in ssl.conf it works but
10 matches
Mail list logo