logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in  RSS Apache Lounge  


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.


Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: mod_http2 Chrome ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY
Author
lunter



Joined: 12 May 2011
Posts: 10

PostPosted: Thu 15 Oct '15 10:02    Post subject: mod_http2 Chrome ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY Reply with quote

Split from mod_http2 :: HowTo & Info & Tips

I have problems...

I added
Code:
LoadModule http2_module modules/mod_http2.so
<IfModule http2_module>
    ProtocolsHonorOrder On
    Protocols h2 http/1.1
</IfModule>


When I open http://mydomain.com/ the indicator (Chrome browser) shows: NOT SPDY-enabled.

When I open https://mydomain.com/ the Chrome browser shows: ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY
I have working domain ssl certifiacate on mod_ssl.

What am I doing wrong?
Back to top
admin
Site Admin


Joined: 15 Oct 2005
Posts: 633

PostPosted: Thu 15 Oct '15 10:34    Post subject: Reply with quote

You are using the latest Chrome ?

If you point your browser at a h2 server with inappropriate ciphers, you will get the obscure warning like INADEQUATE_SECURITY and the browser will simply refuse to continue.

Try the advised/recommended cypher suites to be used at https://www.apachelounge.com/viewtopic.php?p=31842
Back to top
lunter



Joined: 12 May 2011
Posts: 10

PostPosted: Thu 15 Oct '15 10:53    Post subject: Reply with quote

I resolved the problem by add:
Code:
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
SSLProtocol All -SSLv2 -SSLv3


from http://icing.github.io/mod_h2/howto.html#https
Back to top


Reply to topic   Topic: mod_http2 Chrome ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY View previous topic :: View next topic
Post new topic   Forum Index -> Apache