[rhelv6-list] RHEL 6.5 added ECDHE, but not for Apache, Postfix, Sendmail, etc.
Leon Fauster
leonfauster at googlemail.com
Thu Mar 13 11:52:00 UTC 2014
Am 12.03.2014 um 22:22 schrieb Chris Adams <linux at cmadams.net>:
> I was configuring a web server, and thought I'd enable forward secrecy
> since RHEL 6.5 now includes some elliptic curve support (specifically,
> ECDHE). However, I found that RHEL's Apache package hasn't been rebuilt
> since the OpenSSL update to enable elliptic curve.
>
> Neither have Postfix, Sendmail, or most any other OpenSSL-using package
> that I checked. The packages have to be recompiled to take advantage of
> ECC (that part of OpenSSL is apparently a compile-time feature check,
> not something that can be enabled just by recompiling the OpenSSL shared
> libs).
>
> Does anybody know if Red Hat plans on rebuilding these OpenSSL-using
> packages?
so far i know - httpd 2.4. is necessary to use forward secrecy ...
--
LF
More information about the rhelv6-list
mailing list