SSLProtocol: Illegal protocol 'TLSv1.2'
I'm using FreeBSD 9.2-RELEASE with apache24-2.4.10_2 package.
[root@alexus ~]# uname -a
FreeBSD alexus.org 9.2-RELEASE-p5 FreeBSD 9.2-RELEASE-p5 #0 r265974: Wed May 14 07:57:04 PDT 2014 [email protected]:/usr/obj/usr/src/sys/R610 amd64
[root@alexus ~]# httpd -V | head -1
Server version: Apache/2.4.10 (FreeBSD)
[root@alexus ~]#
I'm trying to enable TLSv1.2 and I'm getting following error while restarting apache24 service:
SSLProtocol all -SSLv2 -SSLv3 +TLSv1 +TLSv1.2
[root@alexus /usr/local/etc/apache24/Includes]# service apache24 restart
Performing sanity check on apache24 configuration:
AH00526: Syntax error on line 5 of /usr/local/etc/apache24/Includes/ssl_module.conf:
SSLProtocol: Illegal protocol 'TLSv1.2'
[root@alexus /usr/local/etc/apache24/Includes]#
openssl comes with FreeBSD and then I installed newer version as package as well.
[root@alexus ~]# openssl version
OpenSSL 0.9.8y 5 Feb 2013
[root@alexus ~]# /usr/local/bin/openssl version
OpenSSL 1.0.1i 6 Aug 2014
[root@alexus ~]#
What am I doing wrong? As of now I had to fallback to TLSv1, is there a way to actually enable it?
* UPDATE *
[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so
/usr/local/libexec/apache24/mod_ssl.so:
libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000)
libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000)
libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000)
libthr.so.3 => /lib/libthr.so.3 (0x801ac8000)
libc.so.7 => /lib/libc.so.7 (0x800824000)
[root@alexus ~]#
Solution 1:
@MichaelHampton & @ChrisS is right:
This cannot be done as /usr/local/libexec/apache24/mod_ssl.so linked against older version of openssl /usr/lib/libssl.so.6.
[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so
/usr/local/libexec/apache24/mod_ssl.so:
libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000)
libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000)
libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000)
libthr.so.3 => /lib/libthr.so.3 (0x801ac8000)
libc.so.7 => /lib/libc.so.7 (0x800824000)
[root@alexus ~]#