Debian将服务器和SSL问题从TLS 1.2更改为TLS 1.0
我想切换服务器Gentoo->Debian7(使用PHP5.3,是的,我知道,但我有一个旧代码) 当我将SSL的证书复制到新服务器时,我遇到了一个问题,它降级到TLS 1.2到TLS 1.0 我不明白。。我安装了OpenSSL 1.1.1c,重新启动了apache,我一直在解决这个问题 这是我的简历:Debian将服务器和SSL问题从TLS 1.2更改为TLS 1.0,ssl,tls1.2,php-5.3,tls1.0,debian-7.6.0,Ssl,Tls1.2,Php 5.3,Tls1.0,Debian 7.6.0,我想切换服务器Gentoo->Debian7(使用PHP5.3,是的,我知道,但我有一个旧代码) 当我将SSL的证书复制到新服务器时,我遇到了一个问题,它降级到TLS 1.2到TLS 1.0 我不明白。。我安装了OpenSSL 1.1.1c,重新启动了apache,我一直在解决这个问题 这是我的简历: <VirtualHost *:443> ServerName myserver.com DocumentRoot /var/www/html/site <Directory /v
<VirtualHost *:443>
ServerName myserver.com
DocumentRoot /var/www/html/site
<Directory /var/www/html/site/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
SSLProtocol All -SSLv3 -SSLv2
SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AE$
SSLHonorCipherOrder on
Header always set Strict-Transport-Security "max-age=15768000"
</VirtualHost>
ServerName myserver.com
DocumentRoot/var/www/html/site
选项索引跟随符号链接多视图
允许超越所有
命令允许,拒绝
通融
斯伦金安
SSLCertificateFile/etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile/etc/ssl/private/ssl-cert-snakeoil.key
SSLCertificateChainFile/etc/apache2/ssl.crt/server-ca.crt
SSLProtocol All-SSLv3-SSLv2
SSLCipherSuite'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!阿努尔:!埃努尔:!低:!3DES:!MD5:!经验:!PSK:!决策支持系统:!RC4:!种子:!ECDSA:Camellia 256-SHA:AE$
SSLHonorCipherOrder开启
标头始终设置严格的传输安全性“最大年龄=15768000”