HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Server Operation (http://www.howtoforge.com/forums/forumdisplay.php?f=5)
-   -   TLS 1.1 support in Apache 2.2 or latest (http://www.howtoforge.com/forums/showthread.php?t=59657)

max123 20th November 2012 21:01

TLS 1.1 support in Apache 2.2 or latest
 
Hi all,
i'm confused!
i read as part of the features list for Apache 2.2
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
that
SSL_PROTOCOL string The SSL protocol version (SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2)


however when i run the app using apache 2.2 i get following:
[Thu Nov 08 13:38:54 2012] [notice] Apache/2.2.10 (Unix) DAV/2 mod_ssl/2.2.10 OpenSSL/0.9.7d mod_jk/1.2.26 configured -- resuming normal operations

meaning i'm using apache 2.2 but with openssl 0.9 whcih according to what i read only supports upto TLSv1.0 and not above. to get TLS 1.1 apparently i need open ssl 1.0.1.
https://community.qualys.com/thread/2013

prooblem 1 - does apache 2.2 or 2.4 support TLS 1.1 or not? - documentation says it does via the mod ssl.

if yes then how do i get TLS1.1 working? i would appreaciate some direction, app only way is to recompile with openssl 1.0 and that 2.2 does not support TLSv1.1,

thanks

max123 21st November 2012 14:02

ok. clarification and update - yes to get TLS 1.1 you do need to recompile using ssl 1.0.1
standard apache version doesn't have TLS1.1 support

Ben 21st November 2012 16:05

Generally this depends on the openssl version your distribution's apache/nod_ssl.so was compiled with.

Never the less you could compile openssl + apache yourself from the source to benefit from tls1.1+ etc.
But then you also have to maintain this future on.


All times are GMT +2. The time now is 02:51.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.