[us...@httpd] SSLProxyCipherSuite directive ignored

2010-04-08 Thread Mike Trent
Is the SSLProxyCipherSuite directive supported? The TLS hello packet lists several ciphers (RC4 etc) which are not in the directive list. I have also tried SSLCipherSuite in the container and globally all to no avail. Here is the entry: NameVirtualHost nc:8443 # Enable proxy forward r

Re: [us...@httpd] FIPS 140_2 compliant for mod_proxy?

2010-03-03 Thread Mike Trent
Unfortunately restricting the algorithms to FIPS compliant algorithms in the apache configs is not good enough to claim FIPS 140-2 compliance. The OpenSSL library 'must' be running in FIPS mode. It is a requirement of FIPS 140-2 that the module doing the cryptographic functions is a FIPS 'validate

Re: [us...@httpd] FIPS 140_2 compliant for mod_proxy?

2010-03-03 Thread Mike Trent
Thanks for the response. Yes, we are running apache acting as an SSL client. And yes I am saying that apache is running as a proxy that forwards towards an HTTPS server. It does communicate in SSL so there is no issue with the SSL directives in the config. But for your interest here are the pert

Re: [us...@httpd] FIPS 140_2 compliant for mod_proxy?

2010-03-02 Thread Mike Trent
We have no problem running mod_proxy over SSL (via mod_ssl). It is the FIPS mode that is our problem. There is a patch that turns on FIPS mode in mod_ssl (listed in my last post). We can run apache as a server for HTTPS (SSL) in FIPS mode. However when communicating over HTTPS (SSL) via mod_proxy

Re: [us...@httpd] FIPS 140_2 compliant for mod_proxy?

2010-03-01 Thread Mike Trent
n get only the first request. This isn't php in > cause, because the strace don't view any data send to php-cgi when I wrote > anything on the connection (but TCPDUMP can view the data on port 80, it's > normal, this is the port of proxy script through apache) > > Le 1

[us...@httpd] FIPS 140_2 compliant for mod_proxy?

2010-03-01 Thread Mike Trent
We have apache httpd running in FIPS 140-2 mode for SSL and it runs correctly. FIPS is enabled and only FIPS compliant algorithms are used. However when running in proxy mode (mod_proxy) the SSL handshaking to the server indicates that apache mod_proxy is not running in FIPS mode. Is there a patch