Httpd服务器设置与TLS 1.3

huangapple go评论82阅读模式
英文:

Httpd Server setup with TLS 1.3

问题

我正在在Linux机器上设置另一个httpd服务器实例,使用TLS 1.3。

httpd服务器版本为2.4.57,openssl版本为1.1.1

which httpd 返回 /etc/sbin/httpd

以及

httpd -V 返回配置路径为 /conf/httpd.conf

然而,我正在从 /app/usr/common/httpd-2.4.57 位置运行我的实例,并且我已经更新了位于 /app/usr/common/httpd-2.4.57/conf/httpd.conf<VirtualHost *:8443>

我还将 SSLProtocol 设置为 -all +TLSv1.3,以及 SSLCertificateFileSSLCertificateKeyFileSSLCipherSuite

最后,我更新了位于 /app/usr/common/httpd-2.4.57/conf/extra 中的 httpd-ssl.conf 文件,并更新了 <VirtualHost _default_:443>,并将 DocumentRoot 设置为 app/usr/htdocs,与 httpd.conf 中的设置相同,并在 httpd.conf 文件中包含了 httpd-ssl.conf

应用程序运行正常,但TLS版本仍然显示为1.2,而不是1.3。有任何想法是哪里出了问题吗?

英文:

I am setting up another instance of httpd server in linux machine with TLS 1.3.

httpd server version 2.4.57 openssl 1.1.1

> which httpd gives /etc/sbin/httpd

and

> httpd -V gives config path to /conf/httpd.conf

However, I am running my instance from /app/usr/common/httpd-2.4.57 location and I updated httpd.conf file located in /app/usr/common/httpd-2.4.57/conf/httpd.conf with <VirtualHost *:8443>

I have also set SSLProtocol to -all +TLSv1.3 along with SSLCertificateFile,SSLCertificateKeyFile, SSLCipherSuite.

Finally, I updated httpd-ssl.conf file located in /app/usr/common/httpd-2.4.57/conf/extra and updated <VirtualHost _default_:443> and have set DocumentRoot to app/usr/htdocs same as in httpd.conf and Included httpd-ssl.conf in httpd.conf file.

Application runs just fine but TLS still shows 1.2 instead of 1.3. Any idea where it going wrong ?

答案1

得分: 1

尝试以下方式:

SSL协议全部 -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2

无论如何,您可以尝试使用Mozilla的配置生成器:
Mozilla SSL配置生成器

英文:

Try the way around:

SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2

Anyway you can try use this configurator by mozilla:<br/>
Mozilla SSL Configuration Generator

huangapple
  • 本文由 发表于 2023年7月14日 03:02:03
  • 转载请务必保留本文链接:https://go.coder-hub.com/76682508.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定