Hi,
According to the documentation "GnuTLSPriorities" directive can be used
in server config or virtual host.
I put the same line "GnuTLSPriorities
NORMAL:!VERS-SSL3.0:!VERS-TLS1.0:+VERS-TLS1.2:+VERS-TLS1.1:!MD5" in:
- all virtual hosts that use HTTPS,
- the configuration of GNUTLS (/etc/apache2/mods-available/gnutls.conf),
- the default-tls file (/etc/apache2/sites-available/default-tls) which
I do not use and that is not activated,
- the apache2.conf file.
I restarted Apache. The result is always the same SSL3 and TLS 1.0 is
still active. Amazing!
For "-" TLS 1.2 and I used the documentation of internal functions:
- http://gnutls.org/manual/html_node/Priority-Strings.html
I also looked at the documentations:
- http://www.outoforder.cc/projects/apache/mod_gnutls/docs/
-
http://mod-gnutls.sourceforge.net/downloads/docs/mod_gnutls_manual-0.1.html
Florian, I think you're right, it is better to use the "!" instead of
"-" to the GnuTLSPriorities directive.
Regards.
--
==============================================
| FRÉDÉRIC MASSOT |
| http://www.juliana-multimedia.com |
| mailto:frede...@juliana-multimedia.com |
| +33.(0)2.97.54.77.94 +33.(0)6.67.19.95.69 |
===========================Debian=GNU/Linux===
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
