Apache 2.4.43 TLS 1.0 TLS 1.1 not support

vacancy

• April 09, 2020 04:33

Hello After upgrading the apache version to 2.4.43 after the easyapache 4 update on April 8, the tls 1.0 and tls 1.1 ciphers are invalid. For this reason, tls 1.0 and tls 1.1 protocol do not work. Global configuration error log; The following settings are invalid and were rejected:

• sslciphersuite: ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA

I also see a handshake error in tls 1.2 safari and ie11 browser with default cipher settings. IE 11 / Win Phone 8.1 R Server sent fatal alert: handshake_failure Safari 6 / iOS 6.0.1 Server sent fatal alert: handshake_failure Safari 7 / iOS 7.1 R Server sent fatal alert: handshake_failure Safari 7 / OS X 10.9 R Server sent fatal alert: handshake_failure Safari 8 / iOS 8.4 R Server sent fatal alert: handshake_failure Safari 8 / OS X 10.10 R Server sent fatal alert: handshake_failure

• 

  vacancy

  • April 09, 2020 14:35

  UPDATE: I solved the problem by changing the cipher to the following, I think the previous cipher list I used is no longer supported. SSLCipherSuite HIGH:!aNULL:!MD5

  0
• 

  cPanelLauren

  • April 10, 2020 17:23

  Thanks for updating @vacancy glad to see you were able to resolve the issue.

  0

Please sign in to leave a comment.