Hey Mohan, You may want to take a look into this link.
http://blog.ivanristic.com/2013/08/compiling-apache-with-static-openssl.html The above link shows how to do that. On Friday, August 14, 2015, Mohanavelu Subramanian <mhnv...@gmail.com> wrote: > Hi Daniel, > > Thanks a lot for the reply. > > I have downloaded the apache 2.2.31 source code and tried compiling it. > But I end up getting many dependency issues. Also I searched on internet > for those dependencies and I could not get. > > Could you please provide me some more details how to successfully generate > the rpm with source code and its dependencies eg- Any reference or > guidelines I can follow. > > Thanks & Regards, > Mohan > > > > On Wed, Aug 12, 2015 at 1:21 AM, Daniel <dferra...@gmail.com > <javascript:_e(%7B%7D,'cvml','dferra...@gmail.com');>> wrote: > >> you need to compile Apache over the new version of openssl libraries in >> order for Apache HTTPd to correctly use the openssl version you want to use. >> >> Apache will allow you to use tlsv1.2 when the openssl version it was >> compiled against supports it. >> >> 2015-08-11 21:01 GMT+02:00 Mohanavelu Subramanian <mhnv...@gmail.com >> <javascript:_e(%7B%7D,'cvml','mhnv...@gmail.com');>>: >> >>> Hi All, >>> >>> Good Morning. >>> >>> I am to new Apache Users mailing list. I have described the issue I am >>> facing to support TLSv1.2 >>> >>> Currently, our product use Apache 2.2.12 provided by SLES 11sp3. >>> We are doing a securing hardening now by enabling only TLSv1.2 protocol >>> and disabling other protocols. I tried to configure "SSLProtocol TLSv1.2". >>> But after apache restart, it throws an error "invalid protocol". I came to >>> know that mod_ssl refers openssl 0.9.8 version, though we have latest >>> openssl 1.0.1(which supports TLSv1.2). The mod_ssl loads openssl0.9.8 >>> always. >>> >>> It seems the latest Apache version 2.4.x supports TLSv1.2. But this >>> apache version is available in SLES 12 only which wont be available for us >>> for another 6 months.So, we dropped this option. >>> >>> So, the procurement team advised us to use mod_nss which can support >>> TLSv1.2 with Apache 2.2.12. We started the migration from mod_ssl to >>> mod_nss and everything went well, but the directive "SSLVerifyClient >>> optional_no_ca" is not available with mod_nss. It provides only >>> none,optional,require.So, we are blocked on this and could not migrate to >>> mod_nss. >>> Can you please suggest how to overcome this issue. >>> >>> Now, we are looking for Apache rpm (2.2.x) and its dependency rpms which >>> supports TLSv1.2 on Linux. I googled and could not find the rpms for Linux >>> but only source code available to compile. I tried compiling it but I got >>> lot of dependency issues for which I could not get dependent rpms from net. >>> Also I could not find docs to guide how to compile and install. >>> >>> Could you please share your inputs or solutions on this issue if you had >>> encountered before. >>> >>> Thanks in Advance. >>> >>> Regards, >>> Mohan >>> >> >> >> >> -- >> *Daniel Ferradal* >> IT Specialist >> >> email dferradal at gmail.com >> linkedin es.linkedin.com/in/danielferradal >> > >
