Re: apache 2.4.10 sslv3 not offering when tls is enabled

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Just tried a fresh install


allowed all ciphers (just for testing)

with

$
        #   options.
        #   Enable only secure ciphers:
        SSLCipherSuite ALL:!aNULL

        # SSL server cipher order preference:
        # Use server priorities for cipher algorithm choice.
        # Clients may prefer lower grade encryption.  You should enable this
        # option if you want to enforce stronger encryption, and can afford
        # the CPU cost, and did not override SSLCipherSuite in a way that puts
        # insecure ciphers first.
        # Default: Off
        SSLHonorCipherOrder on

        #   The protocols to enable.
        #   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
        #   SSL v2  is no longer supported
        #SSLProtocol all -SSLv3
        #SSLProtocol SSLv3
        SSLProtocol SSLv3 +all


Where

        SSLProtocol all -SSLv3 ==> logically only TLS
        #SSLProtocol SSLv3 ==> logaically only SSLv3
        SSLProtocol SSLv3 +all ==> only TLS :-(     tried all combinations



:-(



Show details for Sven Crul ---10/02/2017 10:10:28---at this moment i have this But i had everything :-pSven Crul ---10/02/2017 10:10:28---at this moment i have this But i had everything :-p
Hide details for Sven Crul ---10/02/2017 10:10:28---at this moment i have this But i had everything :-pSven Crul ---10/02/2017 10:10:28---at this moment i have this But i had everything :-p

From: Sven Crul <Sven.Crul@xxxxxxxxxxx>
To: users@xxxxxxxxxxxxxxxx
Date: 10/02/2017 10:10
Subject: Re: apache 2.4.10 sslv3 not offering when tls is enabled




at this moment i have this

But i had everything :-p




      #   SSL Cipher Suite:
       #   List the ciphers that the client is permitted to negotiate. See the
       #   ciphers(1) man page from the openssl package for list of all available
       #   options.
       #   Enable only secure ciphers:
       #SSLCipherSuite HIGH:MEDIUM:ALL:!aNULL
       SSLCipherSuite TLSv1.2:TLSv1.1:TLSv1:SSLv3


       # SSL server cipher order preference:
       # Use server priorities for cipher algorithm choice.
       # Clients may prefer lower grade encryption.  You should enable this
       # option if you want to enforce stronger encryption, and can afford
       # the CPU cost, and did not override SSLCipherSuite in a way that puts
       # insecure ciphers first.
       # Default: Off
       SSLHonorCipherOrder on


       #   The protocols to enable.
       #   Available values: all, SSLv3, TLSv1, TLSv1.1, TLSv1.2
       #   SSL v2  is no longer supported
       #SSLProtocol -all +TLSv1 +SSLv3
       SSLProtocol SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2



Daniel ---10/02/2017 10:00:54---do you change SSLCipherSuite?, show us which one you have 2017-02-10 9:29 GMT+01:00 Sven Crul <Sven.

Daniel ---10/02/2017 10:00:54---do you change SSLCipherSuite?, show us which one you have 2017-02-10 9:29 GMT+01:00 Sven Crul <Sven.

From:
Daniel <dferradal@xxxxxxxxx>
To:
"<users@xxxxxxxxxxxxxxxx>" <users@xxxxxxxxxxxxxxxx>
Date:
10/02/2017 10:00
Subject:
Re: apache 2.4.10 sslv3 not offering when tls is enabled





do you change SSLCipherSuite?, show us which one you have

2017-02-10 9:29 GMT+01:00 Sven Crul <
Sven.Crul@xxxxxxxxxxx>:


--

Daniel Ferradal

IT Specialist

email        
 dferradal at gmail.com
linkedin    
es.linkedin.com/in/danielferradal



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux