While apache in Ubuntu 12.04 does support TLSv1.2, it doesn't allow specifying the configuration options to selectively disable TLSv1.0.
The following commit needs to be backported: https://svn.apache.org/viewvc?view=revision&revision=1445104 ** Package changed: openssl (Ubuntu) => apache2 (Ubuntu) ** Summary changed: - Apache 2.2 on Ubuntu 12.04 LTS only supports TLS1.0 which is vulnerable to BEAST attack + Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1400473 Title: Apache 2.2 on Ubuntu 12.04 LTS doesn't allow disabling TLS1.0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1400473/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
