Jeffrey Walton (noloader) wrote on 2015-05-12: #17
This can now be closed due to USN-2606-1
(http://www.ubuntu.com/usn/usn-2606-1/).
Good work. I'm glad to see TLS 1.2 is now available to LTS.
-
O It does work on Apache now. Does it work on nginx also?
--
You received this
TLSv1.2 was re-enabled in Ubuntu 12.04 LTS in May 2015, so if you
install all the updates, you should be getting it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1256576
Marc Deslauriers (mdeslaur) wrote on 2013-12-02:
Unfortunately, because of the large number of sites which incorrectly handled
TLS v1.2 negotiation, we had to disable TLS v1.2 on the client.
Marc Deslauriers (mdeslaur) wrote on 2014-12-08:#15
Apache2 in 12.04 supports TLSv1.2 just fine,
This can now be closed due to USN-2606-1
(http://www.ubuntu.com/usn/usn-2606-1/).
Good work. I'm glad to see TLS 1.2 is now available to LTS.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
Mark what exact tests did you run?
https://www.ssllabs.com/ssltest/analyze.html by chance?
In your apache config file did you have:
SSLProtocol -ALL -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
Reference for that command (Ubuntu 12.04 uses apache 2.2):
http://httpd.apache.org/docs/2.2/mod/mod_ssl.html
--
This new TLS 1.2 support does not seem to be reflected in Apache2 on
12.04 LTS. It's all well and good that OpenSSL may now be running 1.0.1,
but it does not look as though apache has been recompiled against it,
and so it is still stuck with only TLS 1.0, which is vunerable to the
BEAST attack,
Apache2 in 12.04 supports TLSv1.2 just fine, I've been running test
scripts against it.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1256576
Title:
Ubuntu 12.04 LTS:
Closing due to USN-2367-1: OpenSSL update,
http://www.ubuntu.com/usn/usn-2367-1/.
** Changed in: openssl (Ubuntu)
Status: Confirmed = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
That USN doesn't re-enable TLSv1.2 by default for clients in Ubuntu
12.04. It simply fixes an issue if someone _forced_ TLSv1.2 to be
enabled.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
9 matches
Mail list logo