Hi,
I could disable SSL3 and TLS1.0 with this line in the configuration of
virtual hosts:
GnuTLSPriorities
NONE:!VERS-SSL3.0:!VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL
If I put this line in the file "/etc/apache2/mods-enabled/gnutls.conf"
and not in virtual hosts, Apache will not restart and I have no error
message.
I did a test with two virtual hosts using the same IP (SNI), the
certificate is wildcard type, it is used by both virtual hosts. If I put
on one of the virtual hosts the line "GnuTLSPriorities
NONE:!VERS-SSL3.0:!VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL"
and for the other virtual hosts the line "GnuTLSPriorities NORMAL", the
second is not taken into account. SSL3 and TLS1.0 are not available for
the second.
Regards.
--
==============================================
| FRÉDÉRIC MASSOT |
| http://www.juliana-multimedia.com |
| mailto:frede...@juliana-multimedia.com |
| +33.(0)2.97.54.77.94 +33.(0)6.67.19.95.69 |
===========================Debian=GNU/Linux===
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
