Syndicate
Site (RSS, Atom)
Contact
Weblog status
Total entries: 78
Last entry: 2022-10-16 13:52:24
Last updated: 2022-10-16 14:12:58
powered by vim, bash, cat, grep, sed, and nb 3.4.2

2018-10-15 16:31:39

SNI in RHEL 5 Apache

The custom httpd package for RHEL/CentOS 5 now also offers SNI / server name indication. And the default size of dhparams was increased to 2048 bit (RHEL 6 default: 1024 bit). In total these enhancements were done on the original package:

httpd-2.2.3-92.4.el5_11

  • provide SNI support
  • recompiled against openssl1 package (ported from RHEL 6)
  • use bigger DH params
  • some secure basic options for SSL_CTX_set_options() hardcoded
  • basic ECDH support
  • improved default SSLCipherSuite in ssl.conf
  • configurable DH params by SSLDhParamsFile config option
  • weekly cronjob for updating dh2048.pem

News history tuxad repository:


Posted by Frank W. Bergmann | Permanent link | File under: ssl, encryption, rpm, yum, repository, redhat, openssl, http, apache