On rhel-7 ECDH support was even in version httpd24-httpd-devel-2.4.6-25.el7 (built against newer openssl) On rhel-6 ECDH support was successfully added httpd24-httpd-2.4.6-22.el6 ========================== something like this for every cipher variant tested: :: [ FAIL ] :: Connecting to localhost with openssl (Expected 0, got 1) :: [ FAIL ] :: File '/var/tmp/tmp.MoZGzsAwMU' should contain 'Cipher is ECDHE-RSA-AES256-SHA384' :: [ FAIL ] :: File '/var/tmp/tmp.MoZGzsAwMU' should contain 'Server Temp Key: ECDH' :: [ FAIL ] :: File '/var/tmp/tmp.MoZGzsAwMU' should contain 'Verify return code: 0' :: [ FAIL ] :: File '/var/tmp/tmp.MoZGzsAwMU' should not contain 'fail' :: [ FAIL ] :: File '/var/tmp/tmp.MoZGzsAwMU' should not contain 'error:' httpd24-httpd-2.4.12-3.el6 ========================== test passed for all these cipher variants (log just from one): ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-RSA-DES-CBC3-SHA ECDHE-RSA-RC4-SHA ECDHE-ECDSA-AES128-GCM-SHA256(curve=secp384r1) ECDHE-ECDSA-AES128-GCM-SHA256(curve=secp521r1) ECDHE-ECDSA-AES128-GCM-SHA256(curve=prime256v1) :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ LOG ] :: Testing httpd with ECDH, cipher ECDHE-RSA-AES128-GCM-SHA256 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :: [ PASS ] :: Connecting to localhost with openssl (Expected 0, got 0) :: [ PASS ] :: File '/var/tmp/tmp.LyN7vd9DbS' should contain 'Cipher is ECDHE-RSA-AES128-GCM-SHA256' :: [ PASS ] :: File '/var/tmp/tmp.LyN7vd9DbS' should contain 'Server Temp Key: ECDH' :: [ PASS ] :: File '/var/tmp/tmp.LyN7vd9DbS' should contain 'Verify return code: 0' :: [ PASS ] :: File '/var/tmp/tmp.LyN7vd9DbS' should not contain 'fail' :: [ PASS ] :: File '/var/tmp/tmp.LyN7vd9DbS' should not contain 'error:'
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1056.html