Description of problem: I installed mlogc and it fails with a handshake error. When i lower the encryption standard on the Apache frontend, it works. See also: https://sourceforge.net/p/mod-security/mailman/message/33000052/ Version-Release number of selected component (if applicable): ModSecurity Log Collector (mlogc) v2.7.3 APR: compiled="1.3.9"; loaded="1.3.9" PCRE: compiled="7.8"; loaded="7.8 2008-09-05" cURL: compiled="7.19.7"; loaded="libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" How reproducible: Install mlogc and let mlogc send the logs to an Apache frontend with backend application AuditConsole. Use these encryption settings with Apache: SSLHonorCipherOrder On SSLCipherSuite HIGH:!SSLv2:!SSLv3:!aNULL SSLprotocol ALL -SSLv2 -SSLv3 Actual results: [Wed Apr 12 12:43:02 2017] [2] [15140/7f2fc40009c8] Flagging server as errored after failure to submit entry WO4EtpF11pQAADsoAwQAAAAB (cURL code 35): SSL connect error Expected results: [Wed Apr 12 12:42:31 2017] [3] [15140/7f2fc40009c8] Entry completed (0.197 seconds, 837 bytes): WO4ElpF11pQAADsuAt0AAAAH Additional info: When i allow SSLv3 it works, but we prefer not to use it. I think the mlogc package must be rebuild with the patch mentioned here: https://sourceforge.net/p/mod-security/mailman/message/33000052/
mod_security-2.7.3-5.el6 has been submitted as an update to Fedora EPEL 6. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b56d84e139
mod_security-2.7.3-5.el6 has been pushed to the Fedora EPEL 6 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-b56d84e139
mod_security-2.7.3-5.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.