You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2018/08/23 07:36:35 UTC
[Bug 60739] SSLProtocol settings seem to have no effect
https://bz.apache.org/bugzilla/show_bug.cgi?id=60739
A.Sklepas <a....@digi-web.gr> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |a.sklepas@digi-web.gr
--- Comment #17 from A.Sklepas <a....@digi-web.gr> ---
Hi, i can confirm the issue.
I have searched all configs and VHosts no overides are made it should work but
nmap --script ssl-enum-ciphers -p 443 IP | grep TLSv
returns TLS1.0, TLSv1.1
I also investigated the claims about letsencrypt:
Read this topic:
https://community.letsencrypt.org/t/how-to-disable-tlsv1/49117/4
On some systems the options-ssl-apache.conf seems to be included in the virtual
hosts.
"Include /etc/letsencrypt/options-ssl-apache.conf"
Anyway not in my case plus i have disabled the options in that file to be
certain.
PS. Why are we waiting to fix this one? I do see servers that have disabled
TLS1 btw...
My info: Apache/2.4.33
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org