https://bz.apache.org/bugzilla/show_bug.cgi?id=59087
--- Comment #2 from Björn Jacke <[email protected]> --- this is openssl 1.0.1k. Apache/openssl/mod_ssl from current Debian Jessie. I can confirm that configuring the RSA cert after the ECC makes the DH parameter size calculation reasonable again. This isn't documented anywhere, is it? It would also be nice if the oder of certs given would not have such security related consequences as this configuration to do is not obvious to do at all. mod_ssl should rather just choose the right parameter size for a RSA cert and ignore the ECC one for the calculation of that, shouldn't it? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
