I've a reverse proxy based on apache 2.2.x (centos6.x) with soma name based virtualhosts; trying to connect with an old app axis and java1.4.2.x based, it only works with the following configuration:
SSLProtocol ALL -SSLv2 -SSLv3 SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4" SSLHonorCipherOrder off #Default Turning SSLHonorCipherOrder On it doesn't work, I receive an error tls internal error 80. An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue, such as a memory allocation failure. The error is not related to protocol. This message is always fatal. Following the SSLHonorCipherOrder directive: you can set in server config and virtual host, but it seems not to work. The problem: If I set it on in the main server (or the first virtualhost), I cannot deactivate it in the second virtualhost. The same If I set it of in the main server (or the first virtualhost) and I want to activate it in the second virtualhost. I cannot. Could It be a bug or it is made by design? How could I set the SSLHonorCipherOrder directive per virtualhost? Regards Michele Masè
