SSLProtocol and TLSv1

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I'm running Apache distributed via CentOS6:
Server: Apache/2.2.15 (CentOS)

I'm attempting to disable TLSv1.0 in ssl.conf using either of:

SSLProtocol all -SSLv2 -SSLv3 -TLSv1
or
SSLProtocol +TLSv1.1 +TLSv1.2

Either setting seems to work in disabling TLSv1 if the apache server is requested via private IP address.

However, neither seem to work in disabling TLSv1 if the apache server is requested via public IP address.

I'm using openssl to test support for tlsv1 using:
/usr/bin/openssl s_client -connect x.x.x.x:443 -tls1

When x.x.x.x is replaced with private IP address, TLSv1 is not supported.
When x.x.x.x is replaced with public IP address, TLSv1 is supported.

NAT'ing is set up properly from the private to public IP addresses that I am using to test.

openssl version is:
$ openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013

The server is configured for IP based virtual hosts.

Does anyone have any idea why this would be happening?

Thank you.

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux