[mod_gnutls-devel] [mod_gnutls] #29: Disabling SSL3 and TLS1.0 don't work

mod_gnutls webmaster at mod.gnutls.org
Mon Nov 23 23:14:58 CET 2015

#29: Disabling SSL3 and TLS1.0 don't work
Reporter:  frederic massot  |       Owner:  https://id.mayfirst.org/dkg
    Type:  defect           |      Status:  closed
Priority:  major            |   Component:  code
 Version:  5.10             |  Resolution:  fixed
Keywords:                   |
Changes (by thomas  klute):

 * status:  new => closed
 * resolution:   => fixed


 This bug is no longer present as of version 0.7.2 (I assume this was
 actually fixed in 0.6 but didn't check explicitly). Note that in recent
 GnuTLS versions SSLv3 is not included in the NORMAL priorities. With two
 vhosts configured with

  GnuTLSPriorities NORMAL:-VERS-TLS1.0


  GnuTLSPriorities NORMAL

 respectively, the first one is not reachable with a client configured to
 use TLS 1.0 only, while the second one is. Switching the priority strings
 has the expected effect of reversing the reachability by TLS 1.0.

Ticket URL: <https://mod.gnutls.org/ticket/29#comment:4>
mod_gnutls <https://mod.gnutls.org>
The apache httpd module for HTTPS using GnuTLS

More information about the mod_gnutls-devel mailing list