How can we mitigate CVE-2012-4929 SSL/TLS CRIME attack against HTTPS in Red Hat Enterprise Linux 5 or 6
Issue
httpdrefuses to start whenSSLCompression onis used in/etc/httpd/conf.d/ssl.conf- How can we mitigate CVE-2012-4929 SSL/TLS CRIME attack against HTTPS in Red Hat Enterprise Linux 5 or 6 on httpd and mod_ssl?
Environment
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- OpenSSL
- Red Hat JBoss Enterprise Web Server (EWS)
- Apache httpd
- mod_ssl
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
