httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "linux.il" <linux...@gmail.com>
Subject [users@httpd] TLS 1.1 and 1.2 and SNI support
Date Mon, 23 May 2016 13:36:33 GMT
As far as I see from my experiments (Apache 2.4.6 on RHEL7) and users
reports, SNI needs TLS 1.0 and doesn't work with TLS1.1/1.2.
This behavior seems me really weird; unfortunately I couldn't find any
explanation for it.
My question is: did I miss  something? Is there any way to use SNI w/o
TLSv1?
We want to disable TLS 1.0, but don't want to lost SNI functionality.

URLs:
- https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI "The first
(default) vhost for SSL name-based virtual hosts must include TLSv1 as a
permitted protocol"
-
http://serverfault.com/questions/700143/does-sni-really-require-tlsv1-insecure

TIA,
Vitaly
PS: I understand that my question is not 100% on-topic but I hope it's
close enough.

Mime
View raw message