Does the Apache webserver support TLS version 1.1 and 1.2?

Solution Verified - Updated -

Issue

  • Does the Apache webserver support TLS version 1.1 and 1.2?
  • We want to disable TLS v1.0 and enable TLS v1.1 protocol on our servers as our servers are currently failing the vulnerability scan.
  • Enable TLS1.1 & 1.2 on Apache / Redhat 5.4 / OpenSSL 1.0.2d
  • Which version of httpd supports TLSv1.1 and TLSv1.2?
  • Need suggestion from REDHAT on implementing TLS for apache so that there are no Security Threats.
  • Disabling TLS1.1 on RHEL5 httpd.
  • As per PCI v3.1 requirement, we are in needs of disabling TLSv1 and TLS1.1 on apache/ httpd instances.For SSLProtocol directive in ssl.conf, TLSv1.1 is not valid protocol option on some of the old HTTPd versions.Could you advise what is the minimum required httpd version(for both RHEL5 and RHEL6) to have this functionality ?
  • Does OpenSSL shipped with RHEL 5 support TLSv1.1 and TLSv1.2?
  • Getting following syntax error when starting Apache on RHEL 5 with TLSv1.1:
Syntax error on line 18 of /etc/httpd/conf.d/ssl.conf:
SSLProtocol: Illegal protocol 'TLSv1.1'
  • I would like to ask what is the minimum version of Apache httpd which support TLS v1.2 on either Red Hat Enterprise Linux 5 or 6 or 7 ? And how to enable it in httpd.conf ?

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Red Hat JBoss Enterprise Web Server (EWS)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In