httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: [users@httpd] Weirdo intepretation of SSLprotocol order
Date Thu, 07 May 2015 09:13:17 GMT
Hello,

you may hit an issue fixed in [1] (for upcoming 2.4.13).

Can you manage to build a patched httpd-2.2.29 from sources?

Regards,
Yann.

[1] http://svn.us.apache.org/r1663258


On Wed, May 6, 2015 at 2:54 PM,  <apache@thva.dk> wrote:
> hello,
>
>
> So i have an apache 2.2.29 running Prefork on FreeBSD 64bit.
>
> I have a number of vhosts included - one vhost per domain name. In any of
> these vhost containers the SSLProtocol directive seems to be ignored, but
> only the default vhost is dictating the SSLProtocol for all other (this is
> ofcourse the first HTTPS enabled vhost container, which might be relevant).
> Though documentation argues that its applicable per vhost, and not only in
> server config.
>
> For testing purpose, i use add the following to my sub-vhost:
>         SSLProtocol             -ALL +TLSv1.2
>
> But when the default vhost is configured as such:
>         SSLProtocol             -ALL +TLSv1 +TLSv1.1 +TLSv1.2
>
> - that final example is the only, thats used throughout the webserver.
>
>
> I read in http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslprotocol,
> that it should be applicable per virtual host.
> The goal is to host some sites via TLS 1.2 only, and some other ones only in
> TLS 1.1 for instance.
>
>
>
> Does anyone else meet the same challenge or know how to resolve this ?
>
>
>
> br
> congo
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message