logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Apache query regarding openssl and tls v.13
Author
Shrinidhi0409



Joined: 24 Sep 2021
Posts: 18
Location: India

PostPosted: Mon 02 May '22 8:34    Post subject: Apache query regarding openssl and tls v.13 Reply with quote

Hi ,

We are building ISO image of our application having apache 2.4.35 on RHEl 5.6 having OpenSSL version 0.9.8.
Then we added TLSv 1.3 in SSL.conf file.Built the ISO image and tried installing on RHEl 8.5 OS. Installation was successfull but the services were not starting. we are getting the below error.

"SSLProtocol: Illegal Protocol TLSv1.3"

Can you please suggest us whether apache 2.4.35 supports OpenSSl 1.1.1 in RHEl 8.5and TLS 1.3.

Also can you suggest what are the possible ways to achieve this protocol using apache 2.4.35 in RHEl 8.5.

Regards,
Shrinidhi S
Back to top
glsmith
Moderator


Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA

PostPosted: Mon 02 May '22 18:02    Post subject: Reply with quote

Apache 2.4.36 was the first version to have capability for TLSv1.3, however, Apache 2.4.39 has a fix for;

CVE-2019-0215 (cve.mitre.org)
mod_ssl: Fix access control bypass for per-location/per-dir client certificate verification in TLSv1.3.

The best version to use is always the latest which currently is 2.4.53
Back to top


Reply to topic   Topic: Apache query regarding openssl and tls v.13 View previous topic :: View next topic
Post new topic   Forum Index -> Apache