Am 18.12.2014 um 06:31 schrieb Jake Shipton <jakems at fedoraproject.org>: > On 16/12/14 18:15, Alexander Dalloz wrote: >> Am 16.12.2014 um 16:03 schrieb For at ll: >>> On 15.12.2014 12:50, Steve Clark wrote: >>> Stephen I add this repo but I can't find them httpd 2.2.29 only in >>> 2.2.15 version... >> >> What do you expect from Apache 2.2.29 in contrast to the version >> provided by CentOS? >> >> If it is just about to get the latest release you probably haven't heard >> about >> >> https://access.redhat.com/security/updates/backporting >> >> There is no real need to use 2.2.29 opposed to 2.2.15 from CentOS. >> >> Alexander >> >> >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos > > Hi Alex, > > In this situation 2.2.29 actually does offer an advantage over CentOS > version 2.2.15. > > The version provided by CentOS does not support Forward Secrecy for SSL > or TLS 1.2. > > Version 2.2.24+ of upstream Apache includes patches which enable both > Forward Secrecy and TLS 1.2. > > Now that C6's OpenSSL can also support both TLS 1.2, and Forward > Secrecy, upgrading Apache slightly to be able to use both of those is a > very viable option. enable it via SSLProtocol and +TLSv1.2 -- LF