httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alchemist vk <alchemist...@gmail.com>
Subject Re: [users@httpd] Unable to set ciphers string with space separated in apache
Date Thu, 06 Sep 2018 03:11:28 GMT
Hi William,
  Sorry for late response.. I appreciate your response.
  Small clarification: You meant to say,  with space as delimiter, httpd
parses will consider  space separated tokens as each individual httpd
directives?

With Regards,
Venkatesh

On Mon, Aug 27, 2018 at 7:03 PM, William A Rowe Jr <wrowe@rowe-clan.net>
wrote:

> A good argument for following httpd documented convention.
>
> If you want to continue exploring, you would want to quote the cipher
> string, since httpd would take apart unquotes, space separated tokens as
> different httpd directive arguments, and you surely don't want that.
>
> On Sat, Aug 25, 2018, 20:05 alchemist vk <alchemist.vk@gmail.com> wrote:
>
>> Hi All,
>>
>>   openssl standard says " The cipher list consists of one or more *cipher
>> strings* separated by colons. Commas or spaces are also acceptable
>> separators but colons are normally used".  But apache says "directive
>> uses a *colon-separated* *cipher-spec* string consisting of OpenSSL
>> cipher specifications to configure the Cipher Suite the client is permitted
>> to negotiate in the SSL handshake phase" in https://httpd.apache.org/
>> docs/2.4/mod/mod_ssl.html.
>>
>>
>> So, when I configured apache by separating cipher string with spaces,
>> cipher string has no affect.  But when cipher string is configured with
>> colons, cipher string has effect.
>>
>>
>> So, please provide clarification, is there any limitation why we can’t
>> configure cipher string by using space as delimiter in apache.
>>
>>
>> PS: I am using 2.4 apache version in Linux OS.
>>
>> With Regards,
>> Venkatesh
>>
>

Mime
View raw message