httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yehuda Katz <yeh...@ymkatz.net>
Subject Re: [users@httpd] how to upgrade httpd apache with existing SSL
Date Fri, 12 Jun 2015 20:20:24 GMT
Generally you should use the newest version.
SSL3 is no longer recommended for use at all. It is disabled by default in
some releases and not others.
This site has some good info about SSL cipher orders for the "most secure"
setup: https://weakdh.org/sysadmin.html

- Y

On Thu, Jun 11, 2015 at 7:07 PM, Eddie Reyes <ereyes@pscomplete.com> wrote:

> Thank you.  Just Wanted to make sure.  Do you know what is the best
> version for a secure site?  or have all the SSL3 holes been fixed?
>
> Regards,
>
> Eduardo "Eddie" Reyes
> Owner/Lead Developer
> PS-Complete
> 209-624-0309
> www.pscomplete.com
>
> On Thu, Jun 11, 2015 at 3:45 PM, Yehuda Katz <yehuda@ymkatz.net> wrote:
>
>> Your SSL certificate is part of your configuration, not part of the
>> server itself. Just make sure you don't overwrite the config files
>> (including where ever the SSL config says that the certificate is stored)
>> and you shouldn't lose the certificate.
>>
>> Sent from a gizmo with a very small keyboard and hyperactive autocorrect.
>> On Jun 11, 2015 5:55 PM, "Eddie Reyes" <ereyes@pscomplete.com> wrote:
>>
>>> Hello All,
>>>      Is there a way to upgrade apache to the latest version WITHOUT
>>> loosing your existing SSL cert?
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>>
>

Mime
View raw message