인증서(SSL)
apache tls1.2 설정
- 비아웹 오래 전 2022.02.14 15:17 인기
-
- 5,192
- 0
1. 테스트 환경
CentOS release 6.9 (Final)
apache : 2.2.34
openssl : 1.1.1u
테스트 일자 : 2020.11.24
2. apache ssl 설정
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$
SSLProtocol -All +TLSv1.2
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$
<VirtualHost *:443>
ServerName demo.viaweb.co.kr
DocumentRoot /home/viaweb
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCertificateFile /usr/local/apache/conf/ssl/cert.pem
SSLCertificateKeyFile /usr/local/apache/conf/ssl/privkey.pem
</VirtualHost>
SSLProtocol -All +TLSv1.2 프로토콜을 모두 제외하고 TLS v1.2 만 사용한다는 의미
3. 웹상에서 서비스 확인
https://www.ssllabs.com/ssltest/ostname: Do not show the results on the boards Recent Best A+ www.rb24.ir A+ www.refah-bank.ir A+ www.desjardins.com A+ eusb.webcomcpq.com A dataservice.dev.rdk.yo-digit ... A kongshian.westus.cloudapp.az ... A test2.lbbw-business.de B www.kbs-logisticsworld2.com B mirgadania.ru B mk03.com
4. openssl 을 이용한 확인
[root@viaweb extra]# openssl s_client -connect demo.viaweb.co.kr:443-tls1_2
~~생략~~SSL-Session:
Protocol : TLSv1.2
Cipher :ECDHE-RSA-AES256-GCM-SHA384
Session-ID:9DB68941DA80EBBA219D75BD144335D2C9D3EEC8C214B8391B6686EE54EDCB55
Session-ID-ctx:
Master-Key:968A4E2FA0AE4B8D6D122E047C750C524C28FADF985F34A10B05AC975491FDFA450E94D7C87F49070BA4E5CF82CAA85E
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket lifetime hint:300(seconds)TLS session ticket:0000- a9 6a 9e b5 a8 ed 407f-ce 8a 2b dd 79 ea 34 ec .j....@...+.y.4.
감사합니다.
서버호스팅 비아웹
- 이전글웹방화벽 WAPPLE SSL 인증서 등록2024.06.27
- 다음글centos snap 설치 시 발생하는 에러2022.02.11
댓글목록
등록된 댓글이 없습니다.