[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

Jeffrey Walton (noloader) wrote on 2015-05-12: #17 This can now be closed due to USN-2606-1 (http://www.ubuntu.com/usn/usn-2606-1/). Good work. I'm glad to see TLS 1.2 is now available to LTS. - O It does work on Apache now. Does it work on nginx also? -- You received this

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

TLSv1.2 was re-enabled in Ubuntu 12.04 LTS in May 2015, so if you install all the updates, you should be getting it. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1256576

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

Marc Deslauriers (mdeslaur) wrote on 2013-12-02: Unfortunately, because of the large number of sites which incorrectly handled TLS v1.2 negotiation, we had to disable TLS v1.2 on the client. Marc Deslauriers (mdeslaur) wrote on 2014-12-08:#15 Apache2 in 12.04 supports TLSv1.2 just fine,

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

This can now be closed due to USN-2606-1 (http://www.ubuntu.com/usn/usn-2606-1/). Good work. I'm glad to see TLS 1.2 is now available to LTS. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

Mark what exact tests did you run? https://www.ssllabs.com/ssltest/analyze.html by chance? In your apache config file did you have: SSLProtocol -ALL -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2 Reference for that command (Ubuntu 12.04 uses apache 2.2): http://httpd.apache.org/docs/2.2/mod/mod_ssl.html --

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

This new TLS 1.2 support does not seem to be reflected in Apache2 on 12.04 LTS. It's all well and good that OpenSSL may now be running 1.0.1, but it does not look as though apache has been recompiled against it, and so it is still stuck with only TLS 1.0, which is vunerable to the BEAST attack,

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

Apache2 in 12.04 supports TLSv1.2 just fine, I've been running test scripts against it. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1256576 Title: Ubuntu 12.04 LTS:

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

Closing due to USN-2367-1: OpenSSL update, http://www.ubuntu.com/usn/usn-2367-1/. ** Changed in: openssl (Ubuntu) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1256576] Re: Ubuntu 12.04 LTS: OpenSSL downlevel version is 1.0.0, and does not support TLS 1.2

That USN doesn't re-enable TLSv1.2 by default for clients in Ubuntu 12.04. It simply fixes an issue if someone _forced_ TLSv1.2 to be enabled. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.