Freebsd

SSLProtocol:非法協議 ‘TLSv1.2’

  • January 4, 2021

我正在使用FreeBSD 9.2-RELEASE包裝apache24-2.4.10_2

[root@alexus ~]# uname -a
FreeBSD alexus.org 9.2-RELEASE-p5 FreeBSD 9.2-RELEASE-p5 #0 r265974: Wed May 14 07:57:04 PDT 2014     root@jj3.myibay.com:/usr/obj/usr/src/sys/R610  amd64
[root@alexus ~]# httpd -V | head -1
Server version: Apache/2.4.10 (FreeBSD)
[root@alexus ~]# 

我正在嘗試啟用,但在重新啟動服務TLSv1.2時出現以下錯誤:apache24

SSLProtocol all -SSLv2 -SSLv3 +TLSv1 +TLSv1.2

[root@alexus /usr/local/etc/apache24/Includes]# service apache24 restart
Performing sanity check on apache24 configuration:
AH00526: Syntax error on line 5 of /usr/local/etc/apache24/Includes/ssl_module.conf:
SSLProtocol: Illegal protocol 'TLSv1.2'
[root@alexus /usr/local/etc/apache24/Includes]#

openssl隨 FreeBSD 一起提供,然後我也安裝了更新版本的軟體包。

[root@alexus ~]# openssl version
OpenSSL 0.9.8y 5 Feb 2013
[root@alexus ~]# /usr/local/bin/openssl version
OpenSSL 1.0.1i 6 Aug 2014
[root@alexus ~]#

我究竟做錯了什麼?到目前為止,我不得不回退到TLSv1,有沒有辦法真正啟用它?

*** 更新 ***

[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so
/usr/local/libexec/apache24/mod_ssl.so:
   libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000)
   libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000)
   libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000)
   libthr.so.3 => /lib/libthr.so.3 (0x801ac8000)
   libc.so.7 => /lib/libc.so.7 (0x800824000)
[root@alexus ~]# 

@MichaelHampton & @ChrisS 是對的:

這不能/usr/local/libexec/apache24/mod_ssl.so與舊版本的 openssl 相關聯來完成/usr/lib/libssl.so.6

[root@alexus ~]# ldd /usr/local/libexec/apache24/mod_ssl.so
/usr/local/libexec/apache24/mod_ssl.so:
   libssl.so.6 => /usr/lib/libssl.so.6 (0x801236000)
   libcrypto.so.6 => /lib/libcrypto.so.6 (0x8014a0000)
   libcrypt.so.5 => /lib/libcrypt.so.5 (0x8018a5000)
   libthr.so.3 => /lib/libthr.so.3 (0x801ac8000)
   libc.so.7 => /lib/libc.so.7 (0x800824000)
[root@alexus ~]# 

引用自:https://serverfault.com/questions/637636