Is there a way in the current Apache (2.4.x or 2.2.x) to specify an SSLProtocol
and SSLCipherSuite that affects only a singular VirtualHost?
e.g.
www.example.com requires modern encryption (i.e. TLSv1.2)
old.example.com allows only deprecated Protocols/ciphers (e.g. SSLv3)
I tried using something like
<VirtualHost www.example.com:443>
SSLProtocol TLSv1.2
...
</VirtualHost>
<VirtualHost old.example.com:443>
SSLProtocol SSLv3
...
</VirtualHost>
however it seems that the SSLProtocol directive is not honored inside a
VirtualHost section.
Is there a way to configure this properly so that individual VirtualHosts honor
only the specified protocols? Can the same method be used for SSLCipherSuite?
Thanks,
Karl
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
