httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noway Priv <sarkofag...@gmail.com>
Subject Re: [users@httpd] VirtualHosts, SSLProtocol, and SSLCipherSuite
Date Tue, 16 Jun 2015 09:17:22 GMT
Hi,

Have you tested with the "+"?

from docs :
Syntax:SSLProtocol [+|-]protocol ...

ex :
<VirtualHost www.example.com:443>
SSLProtocol   +TLSv1.2
...
</VirtualHost>
<VirtualHost old.example.com:443>
SSLProtocol    +SSLv3
...
</VirtualHost>



On Tue, Jun 16, 2015 at 12:37 AM, karl karloff <karlkarloff@hotmail.com> wrote:
> Is there a way in the current Apache (2.4.x or 2.2.x) to specify an SSLProtocol and SSLCipherSuite
that affects only a singular VirtualHost?
>
> e.g.
> www.example.com requires modern encryption (i.e. TLSv1.2)
> old.example.com allows only deprecated Protocols/ciphers (e.g. SSLv3)
>
> I tried using something like
>
> <VirtualHost www.example.com:443>
> SSLProtocol    TLSv1.2
> ...
> </VirtualHost>
> <VirtualHost old.example.com:443>
> SSLProtocol    SSLv3
> ...
> </VirtualHost>
>
> however it seems that the SSLProtocol directive is not honored inside a VirtualHost section.
>
> Is there a way to configure this properly so that individual VirtualHosts honor only
the specified protocols?  Can the same method be used for SSLCipherSuite?
>
> Thanks,
> Karl
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message