2018-10-15 16:31:39
SNI in RHEL 5 Apache
The custom httpd package for RHEL/CentOS 5 now also offers SNI / server name indication. And the default size of dhparams was increased to 2048 bit (RHEL 6 default: 1024 bit). In total these enhancements were done on the original package:
httpd-2.2.3-92.4.el5_11
- provide SNI support
- recompiled against openssl1 package (ported from RHEL 6)
- use bigger DH params
- some secure basic options for SSL_CTX_set_options() hardcoded
- basic ECDH support
- improved default SSLCipherSuite in ssl.conf
- configurable DH params by SSLDhParamsFile config option
- weekly cronjob for updating dh2048.pem
News history tuxad repository:
- 2018/07 tuxad RH5 repo now with PHP/openssl1
- 2016/10 More packages recompiled against OpenSSL 1
- 2016/05 RHEL 5 RPM packages with SSL enhancements
- 2016/03 Enhanced encryption for dovecot on RHEL/CentOS 5
- 2015/04 tuxad yum package repository for RHEL / CentOS 5 x86_64
- 2014/12 YUM repository for RHEL / CentOS 5
- 2014/11 OpenSSL updates/enhancements for RHEL / Centos 5
Posted by Frank W. Bergmann | Permanent link | File under: ssl, encryption, rpm, yum, repository, redhat, openssl, http, apache