https://bz.apache.org/bugzilla/show_bug.cgi?id=55707
--- Comment #8 from Stefan Eissing <[email protected]> --- Feedback on the patch: Yes, this will work and prevent connections to a vhost with an SSL protocol version that is not allowed there. However. When I imagine being the user who typed a URL into my browser - and ran into this behaviour - what would I be expected to do? Is there, in this setup, a way to successfully connect to the vhost? I don't see it. If we can agree that this is an undesirable situation, the only fix - besides re-implementing mod_ssl and vhosts in a non 2.4.x compatible way - is that the *server admin* gets an ERR/WARNING by a post config check in mod_ssl. (Since we are talking about fixes in 2.4.x, WARNING is the only option unless we introduce a "SSLVHostChecks strict" or some such.) So, IMO, the patch is good, but not enough. Feedback? -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
