Hello,
having Ubuntu 14 server with Apache 2.4.7
I configured to have SSLCipherSuite dependent on the client IP address.
But the If/Else directive seems to be just silently ignored, only and always the global default SSLCipherSuite value is in effect.
The SSLCipherSuite given in the If or Else block (which should be taken for every client that is not in the 1.2.3.0/26 network) is not taken.
Why does this not work?
Is there another way to achieve the goal?
Here the vHost config:
<VirtualHost *:4433>
ServerName ssl-test.example.com
DocumentRoot "/var/www/docs/empty"
SSLEngine on
SSLCertificateKeyFile "/etc/apache2/ssl/keys/test.key"
SSLCertificateFile "/etc/apache2/ssl/certs/test.crt"
SSLCertificateChainFile "/etc/apache2/ssl/certs/test.crt"
<If "-R '1.2.3.0/26'">
SSLCipherSuite -all:MD5
</If>
<Else>
SSLCipherSuite -all:SHA1
</Else>
CustomLog "/var/log/apache2/test/access.log" vhost_combined
ErrorLog "/var/log/apache2/test/error.443.log"
</VirtualHost>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|