httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Houser, Rick" <rick.hou...@jackson.com>
Subject RE: [users@httpd] SSLProtocol and TLSv1
Date Wed, 13 Jul 2016 20:54:39 GMT
I noticed you are running an older version of Apache via RHEL, and guessed that you are likely
in a corporate environment.  You might also have a MITM attack going on.  Lots of corporations
mess with traffic via MITM proxies that intercept traffic, redirects, etc.  If you don't find
the solution quickly, I suggest checking the TLS endpoint to make sure you are actually talking
to your server directly (check that the certs match, etc., not just the name on them).


Rick Houser
Web Administration


> -----Original Message-----
> From: Eric Covener [mailto:covener@gmail.com]
> Sent: Wednesday, July 13, 2016 16:49
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] SSLProtocol and TLSv1
> 
> On Wed, Jul 13, 2016 at 4:46 PM, Phil Smith <philboonz@gmail.com> wrote:
> > Either setting seems to work in disabling TLSv1 if the apache server is
> > requested via private IP address.
> >
> > However, neither seem to work in disabling TLSv1 if the apache server is
> > requested via public IP address.
> 
> 
> Maybe you have SSL enabled in two scopes  (global, virtualhost) but
> only SSLProtocol in one of them?
> 
> 
> --
> Eric Covener
> covener@gmail.com
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Mime
View raw message