Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th November 2012, 21:01
max123 max123 is offline
Junior Member
 
Join Date: Nov 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default TLS 1.1 support in Apache 2.2 or latest

Hi all,
i'm confused!
i read as part of the features list for Apache 2.2
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
that
SSL_PROTOCOL string The SSL protocol version (SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2)


however when i run the app using apache 2.2 i get following:
[Thu Nov 08 13:38:54 2012] [notice] Apache/2.2.10 (Unix) DAV/2 mod_ssl/2.2.10 OpenSSL/0.9.7d mod_jk/1.2.26 configured -- resuming normal operations

meaning i'm using apache 2.2 but with openssl 0.9 whcih according to what i read only supports upto TLSv1.0 and not above. to get TLS 1.1 apparently i need open ssl 1.0.1.
https://community.qualys.com/thread/2013

prooblem 1 - does apache 2.2 or 2.4 support TLS 1.1 or not? - documentation says it does via the mod ssl.

if yes then how do i get TLS1.1 working? i would appreaciate some direction, app only way is to recompile with openssl 1.0 and that 2.2 does not support TLSv1.1,

thanks
Reply With Quote
Sponsored Links
  #2  
Old 21st November 2012, 14:02
max123 max123 is offline
Junior Member
 
Join Date: Nov 2012
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

ok. clarification and update - yes to get TLS 1.1 you do need to recompile using ssl 1.0.1
standard apache version doesn't have TLS1.1 support
Reply With Quote
  #3  
Old 21st November 2012, 16:05
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
 
Default

Generally this depends on the openssl version your distribution's apache/nod_ssl.so was compiled with.

Never the less you could compile openssl + apache yourself from the source to benefit from tls1.1+ etc.
But then you also have to maintain this future on.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
[The Perfect Spamsnake Ubuntu 10.10] - No mail relay, just errors. itsnedkeren HOWTO-Related Questions 2 20th February 2011 10:45
ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" Problem with ISPConfig chipw Installation/Configuration 6 30th October 2006 09:38
Problem with BIND and ISPConfigs's DNS Manager Nejko Installation/Configuration 66 22nd April 2006 20:47
Install Error Alpha Installation/Configuration 9 6th April 2006 19:48
setup fails on debian 3.1 dtrumbower Installation/Configuration 7 7th March 2006 13:42


All times are GMT +2. The time now is 17:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.