Bug 979799
Summary: | current nss support TLS 1.1 so mod_nss should pick it up | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | David Jaša <djasa> |
Component: | mod_nss | Assignee: | Matthew Harmsen <mharmsen> |
Status: | CLOSED DUPLICATE | QA Contact: | Kaleem <ksiddiqu> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 6.5 | CC: | dpal, mharmsen, nkinder |
Target Milestone: | beta | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | 979798 | Environment: | |
Last Closed: | 2013-10-29 18:05:39 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 979719 |
Description
David Jaša
2013-06-30 17:59:58 UTC
(In reply to David Jaša from comment #0) > +++ This bug was initially created as a clone of Bug #979798 +++ > > Description of problem: > nss >= 3.14 supports TLS 1.1 so mod_tls should support it automatically > > Version-Release number of selected component (if applicable): > mod_nss-1.0.8-20.1.fc19.armv7hl > nss-3.14.3-13.0.fc19.armv7hl > Support for TLS v1.1 in RHEL 6 has been provided since mod_nss-1.0.8-17.el6, so I am marking this bug as a DUPLICATE of 'Bugzilla Bug #816394 - [RFE] Provide Apache 2.2 support for TLS v1.1 via NSS through mod_nss . . .'. The patch which supported this has now been ported upstream and is available in the following Brew builds which are awaiting karma in Bodhi: * mod_nss-1.0.8-24.fc18 * mod_nss-1.0.8-24.fc19 * mod_nss-1.0.8-24.fc20 Please feel free to provide karma for these builds. Finally, I noticed that since the packages referenced must be customized builds for the 'armv7hl' architecture, please try using the appropriate Fedora SRPM to reproduce your packages. > How reproducible: > always > > Steps to Reproduce: > 1. specify NSSProtocol TLSv1.1 in /etc/apache/conf.d/nss.conf > 2. connect to the server with client that supports just TLS >= 1.1 > 3. > > Actual results: > connection fails > > Expected results: > connection is established > > Additional info: > TLSv1.2 should be picked up automatically once nss supports it, too *** This bug has been marked as a duplicate of bug 816394 *** |