인증서(SSL)

2022.02.14 15:17

apache tls1.2 설정

  • 비아웹 오래 전 2022.02.14 15:17 인기
  • 5,192
    0

1. 테스트 환경

CentOS release 6.9 (Final)

apache : 2.2.34

openssl : 1.1.1u

테스트 일자 : 2020.11.24

 

2. apache ssl 설정

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$

SSLProtocol -All +TLSv1.2 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$ <VirtualHost *:443> ServerName demo.viaweb.co.kr DocumentRoot /home/viaweb SSLEngine on SSLProtocol -all +TLSv1.2 SSLCertificateFile /usr/local/apache/conf/ssl/cert.pem SSLCertificateKeyFile /usr/local/apache/conf/ssl/privkey.pem </VirtualHost>

4. openssl 을 이용한 확인

[root@viaweb extra]# openssl s_client -connect demo.viaweb.co.kr:443-tls1_2 ~~생략~~SSL-Session: Protocol : TLSv1.2 Cipher :ECDHE-RSA-AES256-GCM-SHA384 Session-ID:9DB68941DA80EBBA219D75BD144335D2C9D3EEC8C214B8391B6686EE54EDCB55 Session-ID-ctx: Master-Key:968A4E2FA0AE4B8D6D122E047C750C524C28FADF985F34A10B05AC975491FDFA450E94D7C87F49070BA4E5CF82CAA85E Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None TLS session ticket lifetime hint:300(seconds)TLS session ticket:0000- a9 6a 9e b5 a8 ed 407f-ce 8a 2b dd 79 ea 34 ec .j....@...+.y.4.

감사합니다.

서버호스팅 비아웹

  • 공유링크 복사

    댓글목록

    등록된 댓글이 없습니다.