https://bz.apache.org/bugzilla/show_bug.cgi?id=60739
--- Comment #8 from [email protected] --- I have similar issue. Whatever I set in SSLProtocol it's ignored. apache2ctl -v Server version: Apache/2.4.10 (Debian) Server built: Feb 24 2017 18:40:28 openssl version OpenSSL 1.0.1t 3 May 2016 If I use the settings provided by David Favor : SSLProtocol All -SSLv2 -SSLv3 -TLSv1 SSLCipherSuite ALL:!ADH:!aNULL:!EXP:!EXPORT40:!EXPORT56:!3DES:!eNULL:!NULL:!RC4:!DES:!MD5:!LOW:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA I got only TLSv1.2 enabled, not TLSv1.1. I could find a way to activate TLSv1.1, with or without TLSv1. All the time, only TLSv1.2 (I tried a lot of different ciphers suite). Note that if I try with the openssl s_server command, all is working as expected. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
