인증서(SSL)

2022.02.14 15:17

apache tls1.2 설정

  • 비아웹 오래 전 2022.02.14 15:17 인기
  • 5,159
    0

1. 테스트 환경

CentOS release 6.9 (Final)

apache : 2.2.34

openssl : 1.1.1u

테스트 일자 : 2020.11.24

 

2. apache ssl 설정

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$

SSLProtocol -All +TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$ <VirtualHost *:443> ServerName demo.viaweb.co.kr DocumentRoot /home/viaweb SSLEngine on SSLProtocol -all +TLSv1.2 SSLCertificateFile /usr/local/apache/conf/ssl/cert.pem SSLCertificateKeyFile /usr/local/apache/conf/ssl/privkey.pem </VirtualHost>

SSLProtocol -All +TLSv1.2 프로토콜을 모두 제외하고 TLS v1.2 만 사용한다는 의미

 

3. 웹상에서 서비스 확인

https://www.ssllabs.com/ssltest/ostname: Do not show the results on the boards Recent Best A+ www.rb24.ir A+ www.refah-bank.ir A+ www.desjardins.com A+ eusb.webcomcpq.com A dataservice.dev.rdk.yo-digit ... A kongshian.westus.cloudapp.az ... A test2.lbbw-business.de B www.kbs-logisticsworld2.com B mirgadania.ru B mk03.com

www.ssllabs.com

4. openssl 을 이용한 확인

[root@viaweb extra]# openssl s_client -connect demo.viaweb.co.kr:443-tls1_2 ~~생략~~SSL-Session: Protocol : TLSv1.2 Cipher :ECDHE-RSA-AES256-GCM-SHA384 Session-ID:9DB68941DA80EBBA219D75BD144335D2C9D3EEC8C214B8391B6686EE54EDCB55 Session-ID-ctx: Master-Key:968A4E2FA0AE4B8D6D122E047C750C524C28FADF985F34A10B05AC975491FDFA450E94D7C87F49070BA4E5CF82CAA85E Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None TLS session ticket lifetime hint:300(seconds)TLS session ticket:0000- a9 6a 9e b5 a8 ed 407f-ce 8a 2b dd 79 ea 34 ec .j....@...+.y.4.

감사합니다.

서버호스팅 비아웹

  • 공유링크 복사
  • 이전글웹방화벽 WAPPLE SSL 인증서 등록2024.06.27
  • 다음글centos snap 설치 시 발생하는 에러2022.02.11

    • 댓글목록

    등록된 댓글이 없습니다.