Loading STATUS +0 −5 Original line number Diff line number Diff line Loading @@ -101,11 +101,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] * default conf: Disable SSLv3, like SSLv2, in the default configuration. trunk patch: n/a -- Only 2.2.x has SSLProtocol in httpd-ssl.conf.in 2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=32131 +1: covener, ylavic, gsmith * mod_ssl: Add SSLSessionTickets (on|off). [Rainer Jung] It controls the use of TLS session tickets (RFC 5077). Default is unchanged (on). Loading docs/conf/extra/httpd-ssl.conf.in +3 −2 Original line number Diff line number Diff line Loading @@ -69,8 +69,9 @@ SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # SSL Protocol support: # List the protocol versions which clients are allowed to # connect with. Disable SSLv2 by default (cf. RFC 6176). SSLProtocol all -SSLv2 # connect with. Disable SSLv2 (cf. RFC 6176) and SSLv3 # (cf. RFC 7525 and CVE 2014-3566). SSLProtocol all -SSLv2 -SSLv3 # Pass Phrase Dialog: # Configure the pass phrase gathering process. Loading Loading
STATUS +0 −5 Original line number Diff line number Diff line Loading @@ -101,11 +101,6 @@ RELEASE SHOWSTOPPERS: PATCHES ACCEPTED TO BACKPORT FROM TRUNK: [ start all new proposals below, under PATCHES PROPOSED. ] * default conf: Disable SSLv3, like SSLv2, in the default configuration. trunk patch: n/a -- Only 2.2.x has SSLProtocol in httpd-ssl.conf.in 2.2.x patch: https://issues.apache.org/bugzilla/attachment.cgi?id=32131 +1: covener, ylavic, gsmith * mod_ssl: Add SSLSessionTickets (on|off). [Rainer Jung] It controls the use of TLS session tickets (RFC 5077). Default is unchanged (on). Loading
docs/conf/extra/httpd-ssl.conf.in +3 −2 Original line number Diff line number Diff line Loading @@ -69,8 +69,9 @@ SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # SSL Protocol support: # List the protocol versions which clients are allowed to # connect with. Disable SSLv2 by default (cf. RFC 6176). SSLProtocol all -SSLv2 # connect with. Disable SSLv2 (cf. RFC 6176) and SSLv3 # (cf. RFC 7525 and CVE 2014-3566). SSLProtocol all -SSLv2 -SSLv3 # Pass Phrase Dialog: # Configure the pass phrase gathering process. Loading