this should be fixed in httpd 2.4.10 (rhscl-2.0)
httpd24-mod_ssl-2.4.12-6.el7, httpd24-mod_ssl-2.4.12-3.el6 ========================================================== :: [ INFO ] :: Testing 2047 bit RSA keys with 2048 DHE keys :: [ PASS ] :: Command 'openssl req -x509 -newkey rsa:2047 -keyout /etc/pki/tls/private/localhost.key -out /etc/pki/tls/certs/localhost.crt -subj /CN=localhost -nodes -batch' (Expected 0, got 0) :: [ PASS ] :: Start httpd server (Expected 0, got 0) :: [ PASS ] :: Command 'openssl s_client -CAfile /etc/pki/tls/certs/localhost.crt -cipher 'ALL:!ECDH' -connect localhost:443 < request.txt' (Expected 0, got 0) :: [ PASS ] :: File '/var/tmp/tmp.m4Fl0eo74L' should contain 'Server Temp Key: DH, 2048 bits' :: [ PASS ] :: File '/var/tmp/tmp.m4Fl0eo74L' should contain 'Server public key is 2047 bit'
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-1056.html