[rhelv6-list] RHEL 6.5 added ECDHE, but not for Apache, Postfix, Sendmail, etc.
Chris Adams
linux at cmadams.net
Wed Mar 12 21:22:29 UTC 2014
I was configuring a web server, and thought I'd enable forward secrecy
since RHEL 6.5 now includes some elliptic curve support (specifically,
ECDHE). However, I found that RHEL's Apache package hasn't been rebuilt
since the OpenSSL update to enable elliptic curve.
Neither have Postfix, Sendmail, or most any other OpenSSL-using package
that I checked. The packages have to be recompiled to take advantage of
ECC (that part of OpenSSL is apparently a compile-time feature check,
not something that can be enabled just by recompiling the OpenSSL shared
libs).
Does anybody know if Red Hat plans on rebuilding these OpenSSL-using
packages?
--
Chris Adams <linux at cmadams.net>
More information about the rhelv6-list
mailing list