https://bz.apache.org/bugzilla/show_bug.cgi?id=60739
--- Comment #7 from Eric Covener <[email protected]> --- (In reply to David Favor from comment #6) > The problem seems to be an interaction between the Cipher List + SSLProtocol. > > Depending on setting of Cipher List SSLProtocol seems to work or be ignored. > > These settings disable TLSv1.0 > > # support old Android phones > SSLProtocol All -SSLv2 -SSLv3 -TLSv1 > > # Force using custom cipher list > SSLHonorCipherOrder on > > Define sslCiphers > -ALL:!ADH:!aNULL:!EXP:!EXPORT40:!EXPORT56:!3DES:!eNULL:!NULL:!RC4:!DES:!MD5:! > LOW > Define sslCiphers > ${sslCiphers}:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA- > AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256- > SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA > SSLCipherSuite ${sslCiphers} > > Other sslCiphers settings cause SSLProtocol to be ignored. > Can you share a specific pair with unexpected results? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
