httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From karl karloff <karlkarl...@hotmail.com>
Subject [users@httpd] VirtualHosts, SSLProtocol, and SSLCipherSuite
Date Mon, 15 Jun 2015 22:37:10 GMT
Is there a way in the current Apache (2.4.x or 2.2.x) to specify an SSLProtocol and SSLCipherSuite
that affects only a singular VirtualHost?

e.g.
www.example.com requires modern encryption (i.e. TLSv1.2)
old.example.com allows only deprecated Protocols/ciphers (e.g. SSLv3)

I tried using something like

<VirtualHost www.example.com:443>
SSLProtocol    TLSv1.2
...
</VirtualHost>
<VirtualHost old.example.com:443>
SSLProtocol    SSLv3
...
</VirtualHost>

however it seems that the SSLProtocol directive is not honored inside a VirtualHost section.

Is there a way to configure this properly so that individual VirtualHosts honor only the specified
protocols?  Can the same method be used for SSLCipherSuite?

Thanks,
Karl
 		 	   		  
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message