Thanks Igor, can i have 2 open ssl installations on same machine? i have apache 2.2 using open ssl 0.9 serving current application requests. i have requriment to transfer files over TLS1.1, hence need for open ssl 1.0.1. seems an over kill to have a second webserver instance just to transfer files, but i see it as only solution.
Files can be done via ftps using something like mina apache ftp server - probably same problem there to interms of open SSL 0.9. On Tue, Nov 20, 2012 at 9:44 PM, Igor Cicimov <[email protected]> wrote: > On Wed, Nov 21, 2012 at 7:26 AM, securenamefirst securenamelast < > [email protected]> wrote: > >> Hi, >> i'm confused! >> i read as part of the features list for Apache 2.2 >> http://httpd.apache.org/docs/2.2/mod/mod_ssl.html >> that >> SSL_PROTOCOL string The SSL protocol version (SSLv2, SSLv3, TLSv1, >> TLSv1.1, TLSv1.2) >> >> >> however when i run the app using apache 2.2 i get following: >> [Thu Nov 08 13:38:54 2012] [notice] Apache/2.2.10 (Unix) DAV/2 >> mod_ssl/2.2.10 OpenSSL/0.9.7d mod_jk/1.2.26 configured -- resuming normal >> operations >> >> meaning i'm using apache 2.2 but with openssl 0.9 whcih according to what >> i read only supports upto TLSv1.0 and not above. to get TLS 1.1 apparently >> i need open ssl 1.0.1. >> https://community.qualys.com/thread/2013 >> >> problem 1 - does apache 2.2 or 2.4 support TLS 1.1 or not? - >> documentation says it does via the mod ssl. >> >> if yes then how do i get TLS1.1 working? i would appreaciate some >> direction, app only way is to recompile with openssl 1.0 and that 2.2 does >> not support TLSv1.1, >> >> thanks >> > > Install open ssl 1.0.1 and recompile apache to use that one. >
