[mod_gnutls-devel] [mod_gnutls] #29: Disabling SSL3 and TLS1.0 don't work
mod_gnutls
webmaster at mod.gnutls.org
Mon Nov 23 23:14:58 CET 2015
#29: Disabling SSL3 and TLS1.0 don't work
----------------------------+------------------------------------------
Reporter: frederic massot | Owner: https://id.mayfirst.org/dkg
Type: defect | Status: closed
Priority: major | Component: code
Version: 5.10 | Resolution: fixed
Keywords: |
----------------------------+------------------------------------------
Changes (by thomas klute):
* status: new => closed
* resolution: => fixed
Comment:
This bug is no longer present as of version 0.7.2 (I assume this was
actually fixed in 0.6 but didn't check explicitly). Note that in recent
GnuTLS versions SSLv3 is not included in the NORMAL priorities. With two
vhosts configured with
GnuTLSPriorities NORMAL:-VERS-TLS1.0
and
GnuTLSPriorities NORMAL
respectively, the first one is not reachable with a client configured to
use TLS 1.0 only, while the second one is. Switching the priority strings
has the expected effect of reversing the reachability by TLS 1.0.
--
Ticket URL: <https://mod.gnutls.org/ticket/29#comment:4>
mod_gnutls <https://mod.gnutls.org>
The apache httpd module for HTTPS using GnuTLS
More information about the mod_gnutls-devel
mailing list