Weird SSLProtocol issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

 the setup is httpd-2.4.46 with OpenSSL-1.1.1g. The goal is to support the following SSL protocols:

TLS1.3
TLS1.2
TLS1  -- for some legacy reason

So I have specified:

SSLProtocol +TLSv1 +TLSv1.2 +TLSv1.3

Using "sslscan" I get:

  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   enabled

If I use

SSLProtocol +TLSv1 -TLSv1.1 +TLSv1.2 +TLSv1.3

There is the same result. I can get 1.0 only if I explicitly enable 1.1

SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 +TLSv1.3

resulting in

  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   enabled
TLSv1.1   enabled
TLSv1.2   enabled
TLSv1.3   enabled

which is not what I want. So, any ideas? Am I doing something wrong?

Cheers
Martin
--
------------------------------------------------------
Martin Knoblauch
email: k n o b i AT knobisoft DOT de
www: http://www.knobisoft.de
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux