英文:
Httpd Server setup with TLS 1.3
问题
我正在在Linux机器上设置另一个httpd服务器实例,使用TLS 1.3。
httpd服务器版本为2.4.57,openssl版本为1.1.1
which httpd
返回 /etc/sbin/httpd
以及
httpd -V
返回配置路径为 /conf/httpd.conf
然而,我正在从 /app/usr/common/httpd-2.4.57
位置运行我的实例,并且我已经更新了位于 /app/usr/common/httpd-2.4.57/conf/httpd.conf
的 <VirtualHost *:8443>
我还将 SSLProtocol
设置为 -all +TLSv1.3
,以及 SSLCertificateFile
、SSLCertificateKeyFile
、SSLCipherSuite
。
最后,我更新了位于 /app/usr/common/httpd-2.4.57/conf/extra
中的 httpd-ssl.conf
文件,并更新了 <VirtualHost _default_:443>
,并将 DocumentRoot
设置为 app/usr/htdocs
,与 httpd.conf
中的设置相同,并在 httpd.conf
文件中包含了 httpd-ssl.conf
。
应用程序运行正常,但TLS版本仍然显示为1.2,而不是1.3。有任何想法是哪里出了问题吗?
英文:
I am setting up another instance of httpd server in linux machine with TLS 1.3.
httpd server version 2.4.57 openssl 1.1.1
> which httpd
gives /etc/sbin/httpd
and
> httpd -V
gives config path to /conf/httpd.conf
However, I am running my instance from /app/usr/common/httpd-2.4.57
location and I updated httpd.conf file located in /app/usr/common/httpd-2.4.57/conf/httpd.conf
with <VirtualHost *:8443>
I have also set SSLProtocol
to -all +TLSv1.3
along with SSLCertificateFile
,SSLCertificateKeyFile
, SSLCipherSuite
.
Finally, I updated httpd-ssl.conf
file located in /app/usr/common/httpd-2.4.57/conf/extra
and updated <VirtualHost _default_:443>
and have set DocumentRoot
to app/usr/htdocs
same as in httpd.conf
and Included httpd-ssl.conf
in httpd.conf
file.
Application runs just fine but TLS still shows 1.2 instead of 1.3. Any idea where it going wrong ?
答案1
得分: 1
尝试以下方式:
SSL协议全部 -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
无论如何,您可以尝试使用Mozilla的配置生成器:
Mozilla SSL配置生成器
英文:
Try the way around:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
Anyway you can try use this configurator by mozilla:<br/>
Mozilla SSL Configuration Generator
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论