And as asked there this might help as well:
$ a2enmod info
$ systemctl restart apache2
$ apache2ctl -t -D DUMP_CONFIG|grep -i ssl
$ a2dismod info # if it hasn't been enabled before
That is a slightly better info than my Greps above, but still the same result.
Here of my last config trying to falsify the "default has to have TLSv1 to use
it in others"
apache2ctl -t -D DUMP_CONFIG|grep -i ssl
# In file: /etc/apache2/mods-enabled/ssl.conf
Syntax OK
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512
SSLPassPhraseDialog exec:/usr/share/apache2/ask-for-passphrase
SSLSessionCache shmcb:/var/run/apache2/ssl_scache(512000)
SSLSessionCacheTimeout 300
SSLCipherSuite HIGH:!aNULL
SSLProtocol all -SSLv3
# In file: /etc/apache2/sites-enabled/custom1-ssl.conf
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
SSLProtocol All -TLSv1 -TLSv1.1
# In file: /etc/apache2/sites-enabled/custom2-ssl.conf
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
# In file: /etc/apache2/sites-enabled/default-ssl.conf
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLOptions +StdEnvVars
SSLOptions +StdEnvVars
SSLProtocol All -TLSv1 -TLSv1.1
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1665151
Title:
Apache ignores disable TLSv1.0
To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1665151/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
