Apache fans, Delighted so report I have got to the bottom of my problem. So to share a few nuggets!
My confs-enabled/ssl.conf was being overridden by a LetsEncrypt ssl-options include in the VirtualHost.
Once I have commented out that, I made changes to ssl.conf which were reflected in the Qualys SSL Labs test.
In trying to build a list of 1.2 & 1.3 "safe" ciphers, using the [!-+] prefixes, you need to use names that are valid for openssl.
Documentation for openssl gives lists of common names (eg displayed in the ssl labs test) and the openssl equivalent.
Hopefully this will spare you many hours ... Thanks for the help, Paul --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
