:39 +0200
> From: ylavic@gmail.com
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] VirtualHosts, SSLProtocol, and SSLCipherSuite
>
> On Tue, Jun 16, 2015 at 10:48 PM, karl karloff
> wrote:
>> I am attempting to set up more than one subdomain on :443 in this
bject: Re: [users@httpd] VirtualHosts, SSLProtocol, and SSLCipherSuite
>
> On Tue, Jun 16, 2015 at 1:57 PM, karl karloff wrote:
>>
>
> AIUI This VH style is not used much and could be contributing. If you
> don't care what underlying interface/IP is used, use *:443 and
&g
> Have you tested with the "+"?
>
> from docs :
> Syntax:SSLProtocol [+|-]protocol ...
>
> ex :
>
> SSLProtocol +TLSv1.2
> ...
>
>
> SSLProtocol +SSLv3
> ...
>
>
>
>
> On Tue, Jun 16, 2015 at 12:37 AM, karl karloff
> wrot
Is there a way in the current Apache (2.4.x or 2.2.x) to specify an SSLProtocol
and SSLCipherSuite that affects only a singular VirtualHost?
e.g.
www.example.com requires modern encryption (i.e. TLSv1.2)
old.example.com allows only deprecated Protocols/ciphers (e.g. SSLv3)
I tried using somethin
In light of the recent publicity of the "logjam attack" (e.g.
https://weakdh.org/) Diffie-Hellman key exchange has come under some scrutiny.
Industry wisdom seems to suggest that to prevent possible nation-state
decryption an httpd server should generate a 2048-bit group of parameters (for
Diff