内射女校花一区二区三区,久久久老熟女一区二区三区,国产精品美女久久久网站,亚洲成AV人片在

標題: [提問] 開啟HTTPS只支持TLS1.2不支持1.1和1.0 [打印本頁]

作者: lele8060 時間: 2017-12-1 21:12 標題: 開啟HTTPS只支持TLS1.2不支持1.1和1.0

SSLEngine on
SSLCertificateFile conf/cert/xxx.com.crt
SSLCertificateKeyFile conf/cert/xxx.com.key
SSLCertificateChainFile conf/cert/xxx.com_root_bundle.crt
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5
DocumentRoot /www/web/xxx/public_html

復制代碼

用ssllabs.com測試結(jié)果
Protocols
TLS 1.3No
TLS 1.2Yes
TLS 1.1No
TLS 1.0No
SSL 3No
SSL 2No

作者: lele8060 時間: 2018-5-11 16:17

終于解決了

https://serverfault.com/questions/513961/how-to-disable-tls-1-1-1-2-in-apache

First of all, you must identify what is the default vhost for port 443 in your server (the first SSL vhost loaded by Apache) and edit it's configuration file. Most users have an ssl.conf file in their servers, with a vhost for port 443 configured there. As the name of this file begins with "s", it will load before the vhosts configured in vhosts.conf (which begins with "v"). So, check if this is your case (the answer is "yes" for virtually everyone) and change the protocols in that file. That's enough!

作者: 乘風 時間: 2019-1-18 23:45

請問具體是怎么解決的，我試了幾次，還是不行，新手請教一下

作者: 乘風 時間: 2019-1-18 23:47

回復 2# lele8060

可以具體說一下你是怎么解決的嗎

作者: 乘風 時間: 2019-1-19 10:38

回復 2# lele8060

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile conf/cert/x.star.com.crt
SSLCertificateKeyFile conf/cert/x.star.com.key
SSLCertificateChainFile conf/cert/bundle_x.star.com.crt
#SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2 -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLProtocol TLSv1 TLSv1.1 TLSv1.2
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4

#SSLProtocol all -SSLv2 -SSLv3
#SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM
#SSLHonorCipherOrder on

歡迎光臨 WDlinux官方論壇 (http://www.sdymsy.com/bbs/)