If you want to install apache2 with SSL support check here once you have everything ready you need to configure your SSL for good security.
SSL is the most known and the most popular, it is not the only protocol that has been used for the purpose of securing web transactions. It is important to know that since invention of SSL v1.0 (which has never been released, by the way) there have been at least five protocols that have played a more-or-less important role in securing access to World Wide Web, as we see below:
SSL v2.0
Does Cisco IOS devices support SSH V3 or is SSH V2 the standard protocol? I saw my repo ssh URL which was different from my DevOps URL in my case what worked was adding the config file in my /.ssh folder with the following information: Host vs-ssh.visualstudio.com SSH URL IdentityFile /.ssh/idrsavsonline.
Released by Netscape Communications in 1994. The main goal of this protocol was to provide security for transactions over the World Wide Web. Unfortunately, very quickly a number of security weaknesses were found in this initial version of the SSL protocol, thus making it less reliable for commercial use:
weak MAC construction
possibility of forcing parties to use weaker encryption
no protection for handshakes
possibility of an attacker performing truncation attacks
Ssh V3 Download
SSL v3.0
Released in 1996 by Netscape Communications. SSL v3.0 solved most of the SSL v2.0 problems, and incorporated many of the features of PCT. Pretty quickly become the most popular protocol for securing communication over WWW.
TLS v1.0 (also known as SSL v3.1)
Published by IETF in 1999 (RFC 2246). This protocol is based on SSL v3.0 and PCT and harmonizes both Netscape’s and Microsoft’s approaches. It is important to note that although TLS is based on SSL, it is not a 100% backward compatible with its predecessor. IETF did some security improvements, such as using HMAC instead of MAC, using a different calculation of the master secret and key material, adding additional alert codes, no support for Fortezza cipher suites, and so on. The end result of these improvements is that these protocols don’t fully interoperate. Fortunately enough, TLS has also got a mode to fall back to SSL v3.0.
Configuring SSLv3 and TLSv1 in Apache Hosts
If you want to enable SSL Version 3 and TLS v1.0 for more security you need to add the following lines under SSL section in your apache hosts configuration file
SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite SSLv3:+HIGH:+MEDIUM
Once you add these line you need to restart your apache webserver with the following command
#/etc/init.d/apache2 restart
Testing your SSL Version
If you want to test your ssl version details of perticular host use the following command
#openssl s_client -connect localhost:443
Ssh Verbose
You need to replace localhost to your website hostname
Output looks like below
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
SSL-Session:
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA
Session-ID: 62EA68A5750511917CC42A1B134A8F218C27C9C0241C35C53977A2A8BBB9986A
Session-ID-ctx:
Master-Key: 303B60D625B020280F5F346AB00F8A61A7C4BEA707DFA0ED8D2F52371F8C4F087FB6EFFC02CE3B48F912D2C8929DB5BE
Key-Arg : None
Start Time: 1101164382
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
—
Related content: