SSL protocol version


#1

Hello all,
I already got certificate and key file on my server after then I try to configed apache2 with ssl.conf file.

=============== ssl.conf ========================
LoadModule ssl_module modules/mod_ssl.so
Listen 443
NameVirtualHost *:443

ServerAdmin admin@gmail.com
DocumentRoot "mywebroot"
ServerName mydomain:443

    SSLEngine on
    SSLCertificateFile    /home/web/cert/domain.crt
    SSLCertificateKeyFile /home/web/cert/domain.key
    SSLCertificateChainFile /home/web/cert/domain.intermediate.crt

SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA;
SSLHonorCipherOrder on
<Directory /home/web/meroot/src>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all

===============================================
** I would like to ask, Is there any mistake in ssl.conf file?

Http and Https service ran, for http on port 80 is working but for https on port 443 I got below error when i try to execute https://mydomain.com/

This site can’t provide a secure connection
mydomain.com uses an unsupported protocol.

Unsupported protocol
The client and server don’t support a common SSL protocol version or cipher suite.

**Could you tell me what is the mistake and how to fix this error?
Thanks you.


#2

have a look at the ciphers suggested by the mozilla tls guide https://mozilla.github.io/server-side-tls/ssl-config-generator/

have you tried a range of clients to isolate if it’s a client issue or a server issue


#3

If you provide your real domain name people can assist you easier.


#4

@ahaw021 and @MitchellK
Now my ssl certificate is working

Thanks you for your help


#5

Great to hear that, well done.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.