SSLHonorCipherOrder not working as expected

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I've a reverse proxy based on apache 2.2.x (centos6.x) with soma name based virtualhosts; trying to connect with an old app axis and java1.4.2.x based, it only works with the following configuration:

SSLProtocol ALL -SSLv2 -SSLv3
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS +RC4 RC4"
SSLHonorCipherOrder off #Default

Turning SSLHonorCipherOrder On it doesn't work, I receive an error tls internal error 80.
An internal error unrelated to the peer or the correctness of the protocol makes it impossible to continue, such as a memory allocation failure. The error is not related to protocol. This message is always fatal.

Following  the SSLHonorCipherOrder directive: you can set in
server config and virtual host, but it seems not to work.

The problem:
If I set it on in the main server (or the first virtualhost), I cannot deactivate it in the second virtualhost.
The same If I set it of in the main server (or the first virtualhost) and I want to activate it in the second virtualhost. I cannot.

Could It be a bug or it is made by design?
How could I set the SSLHonorCipherOrder directive per virtualhost?

Regards
Michele Masè
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux