我使用FreeBSD 9.2-RELEASE和apache24-2.4.10_2软件包。
[root@alexus ~]# uname -a FreeBSD alexus.org 9.2-RELEASE-p5 FreeBSD 9.2-RELEASE-p5 #0 r265974: Wed May 14 07:57:04 PDT 2014 [email protected]:/usr/obj/usr/src/sys/R610 amd64 [root@alexus ~]# httpd -V | head -1 Server version: Apache/2.4.10 (FreeBSD) [root@alexus ~]#
我试图启用TLSv1.2并且在重新启动apache24服务时出现以下错误:
SSLProtocol all -SSLv2 -SSLv3 +TLSv1 +TLSv1.2
[root@alexus /usr/local/etc/apache24/Includes]# service apache24 restart Performing sanity check on apache24 configuration: AH00526: Syntax error on line 5 of /usr/local/etc/apache24/Includes/ssl_module.conf: SSLProtocol: Illegal protocol 'TLSv1.2' [root@alexus /usr/local/etc/apache24/Includes]#
openssl自带了FreeBSD,然后我安装了更新的版本。
[root@alexus ~]# openssl version OpenSSL 0.9.8y 5 Feb 2013 [root@alexus ~]# /usr/local/bin/openssl version OpenSSL 1.0.1i 6 Aug 2014 [root@alexus ~]#
我究竟做错了什么? 到目前为止,我不得不倒退到TLSv1 ,有没有办法实际启用它?
*更新*
[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so /usr/local/libexec/apache24/mod_ssl.so: libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000) libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000) libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000) libthr.so.3 => /lib/libthr.so.3 (0x801ac8000) libc.so.7 => /lib/libc.so.7 (0x800824000) [root@alexus ~]#
@MichaelHampton&@ChrisS是对的:
这不能像/usr/local/libexec/apache24/mod_ssl.so连接到旧版本的openssl /usr/lib/libssl.so.6 。
[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so /usr/local/libexec/apache24/mod_ssl.so: libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000) libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000) libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000) libthr.so.3 => /lib/libthr.so.3 (0x801ac8000) libc.so.7 => /lib/libc.so.7 (0x800824000) [root@alexus ~]#