There is an exception, you can only use that directive in server config, that's why I asked about the context.
If you set that up inside a virtualhost, it will probably will give you issues. -- *Daniel Ferradal* IT Specialist email dferra...@gmail.com linkedin es.linkedin.com/in/danielferradal 2015-03-16 5:48 GMT+01:00 Cathy Fauntleroy <cathy.fauntle...@vdtg.com>: > Daniel, > > > > Thanks for the response. I am running OpenSSL 0.9.8. I am attempting to > secure TLS compression and mitigate the CRIME vulnerability by adding the > following directive to the httpd.conf file: > > > > Implementation on Apache HTTP Server (mod_ssl) > > The following configuration block can be used in Apache HTTP Server > 2.2+/2.4+ with mod_ssl. However, there is an exception of being able to > turn off TLS/SSL Compression as this is only possible Apache HTTP Server > 2.2.24/2.4.3+ using the SSLCompression directive. > > > > SSLProtocol ALL -SSLv2 -SSLv3 > > SSLHonorCipherOrder On > > SSLCipherSuite ECDH+AESGCM > :DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3 > DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5 > > SSLCompression Off > > I am > > > > Thanks… > > *Cathy Fauntleroy,* *Security+* > > *Van Dyke Technology Group* > > *Email:** cathy.fauntle...@vdtg.com <cathy.fauntle...@vdtg.com>* > > *Office: (443) 832-4768 <%28443%29%20832-4768>* > > > > *From:* Daniel [mailto:dferra...@gmail.com] > *Sent:* Saturday, March 14, 2015 7:24 PM > *To:* <users@httpd.apache.org> > *Subject:* Re: [users@httpd] SSL Compression > > > > > > > > 2015-03-14 15:02 GMT+01:00 Cathy Fauntleroy <cathy.fauntle...@vdtg.com>: > > Hello Everyone, > > > > I have Apache 2.2.24 installed and I am attempting to disable > compression. I am editing the httpd.conf file and adding ‘SSLCompression > Off’. When I do that, the Apache service does not start. The system log > does not register any meaningful error. Has anyone encountered this before? > > > > Thanks… > > *Cathy Fauntleroy,* *Security+* > > *Van Dyke Technology Group* > > *Email:** cathy.fauntle...@vdtg.com <cathy.fauntle...@vdtg.com>* > > *Office: (443) 832-4768 <%28443%29%20832-4768>* > > > > > > In which context are you trying to use it? Which openssl version do you > use? > > > > -- > > *Daniel Ferradal* > > IT Specialist > > > > email dferra...@gmail.com > > linkedin es.linkedin.com/in/danielferradal >