[SRU] Apache mod_ssl: enable support for ECC keys and ECDH ciphers.
Bug #1346498 reported by
JorSol
This bug report is a duplicate of:
Bug #1197884: apache2.2 SSL has no forward-secrecy: need ECDHE keys.
Edit
Remove
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Apache 2.2.26 add support for ECC keys and ECDH ciphers wich offers security improvements to SSL connections and potentialy limit the vector of attacks agains bugs like Heartbleed and allows the use of forward secrecy.
Since Ubuntu 12.04 is supported until April 2017 this feature should be backported for those people that can't/want upgrade to Apache 2.4+ (Ubuntu 14.04) in the near term.
[Test Case]
Test a cipher suite using ECDH with no success.
openssl s_client -cipher "ECDHE-
[Regression Potential]
The regression potential is near to zero, since it just adds more ciphers to Apache.
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.