Hi Daniel, Thanks a lot for the reply.
I have downloaded the apache 2.2.31 source code and tried compiling it. But I end up getting many dependency issues. Also I searched on internet for those dependencies and I could not get. Could you please provide me some more details how to successfully generate the rpm with source code and its dependencies eg- Any reference or guidelines I can follow. Thanks & Regards, Mohan On Wed, Aug 12, 2015 at 1:21 AM, Daniel <dferra...@gmail.com> wrote: > you need to compile Apache over the new version of openssl libraries in > order for Apache HTTPd to correctly use the openssl version you want to use. > > Apache will allow you to use tlsv1.2 when the openssl version it was > compiled against supports it. > > 2015-08-11 21:01 GMT+02:00 Mohanavelu Subramanian <mhnv...@gmail.com>: > >> Hi All, >> >> Good Morning. >> >> I am to new Apache Users mailing list. I have described the issue I am >> facing to support TLSv1.2 >> >> Currently, our product use Apache 2.2.12 provided by SLES 11sp3. >> We are doing a securing hardening now by enabling only TLSv1.2 protocol >> and disabling other protocols. I tried to configure "SSLProtocol TLSv1.2". >> But after apache restart, it throws an error "invalid protocol". I came to >> know that mod_ssl refers openssl 0.9.8 version, though we have latest >> openssl 1.0.1(which supports TLSv1.2). The mod_ssl loads openssl0.9.8 >> always. >> >> It seems the latest Apache version 2.4.x supports TLSv1.2. But this >> apache version is available in SLES 12 only which wont be available for us >> for another 6 months.So, we dropped this option. >> >> So, the procurement team advised us to use mod_nss which can support >> TLSv1.2 with Apache 2.2.12. We started the migration from mod_ssl to >> mod_nss and everything went well, but the directive "SSLVerifyClient >> optional_no_ca" is not available with mod_nss. It provides only >> none,optional,require.So, we are blocked on this and could not migrate to >> mod_nss. >> Can you please suggest how to overcome this issue. >> >> Now, we are looking for Apache rpm (2.2.x) and its dependency rpms which >> supports TLSv1.2 on Linux. I googled and could not find the rpms for Linux >> but only source code available to compile. I tried compiling it but I got >> lot of dependency issues for which I could not get dependent rpms from net. >> Also I could not find docs to guide how to compile and install. >> >> Could you please share your inputs or solutions on this issue if you had >> encountered before. >> >> Thanks in Advance. >> >> Regards, >> Mohan >> > > > > -- > *Daniel Ferradal* > IT Specialist > > email dferradal at gmail.com > linkedin es.linkedin.com/in/danielferradal >
