|
Understood. Just trying to exhaust all possible solutions before doing an OS upgrade.
We need to change Apache to use mod_nss instead of mod_ssl to enable TLS. This used to work just fine (I've installed this on OES/SLES11), and you will in fact find it discussed here: https://support.microfocus.com/kb/doc.php?id=7016828# but
unfortunately the other pages referenced in that article are broken links, another side effect of MicroFocus's ingestion of SUSE and Novell etc.
Apparently, at some point since that TID was written, upstream updates to mod_nss changed the way it works in that the related tools create the nss certificate database in a different format by
default (sqlite), and Apache doesn't seem to be willing to read it. There's probably a straightforward way around this, but it seems to be missing from the current documentation. Perhaps this question is better brought up in a SuSE listerv and not the general
Apache listserv.
From: Dennis Clarke <dclarke@xxxxxxxxxxxxx.INVALID>
Sent: Thursday, July 23, 2020 12:59 PM To: users@xxxxxxxxxxxxxxxx <users@xxxxxxxxxxxxxxxx> Subject: Re: Apache 2.2 and tls 1.2 On 7/23/20 4:41 PM, Tom Jubb wrote:
> New certs will successfully installed on Apache 2.2 Apache 2.2 ? That was End of Life a while ago. You have a bigger problem. Migrate to 2.4.43 and then deal with certs and such. -- Dennis Clarke RISC-V/SPARC/PPC/ARM/CISC UNIX and Linux spoken GreyBeard and suspenders optional --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx |
|