Name
SSLProtocol
Synopsis
SSLProtocol [+-]protocol ... Default: SSLProtocol all Server config, virtual host Apache v2 only
This directive can be used to control the SSL protocol flavors mod_ssl should use when establishing its server environment. Clients then can only connect with one of the provided protocols.
The available (case-insensitive) protocols are as follows:
-
SSLv2
This is the Secure Sockets Layer (SSL) protocol, Version 2.0. It is the original SSL protocol as designed by Netscape Corporation.
-
SSLv3
This is the Secure Sockets Layer (SSL) protocol, Version 3.0. It is the successor to SSLv2 and the currently (as of February 1999) de-facto standardized SSL protocol from Netscape Corporation. It is supported by most popular browsers.
-
TLSv1
This is the Transport Layer Security (TLS) protocol, Version 1.0, which is the latest and greatest, IETF-approved version of SSL.
-
All
This is a shortcut for
"+SSLv2 +SSLv3 +TLSv1"
and a convenient way for enabling all protocols except one when used in combination with the minus sign on a protocol, as the following example shows.
Example
# enable SSLv3 and TLSv1, but not SSLv2 SSLProtocol all -SSLv2
Get Apache: The Definitive Guide, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.