<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
</table>
<p>
-This directive points to the PEM-encoded Certificate file for the server and
-optionally also to the corresponding RSA or DSA Private Key file for it
-(contained in the same file). If the contained Private Key is encrypted the
-Pass Phrase dialog is forced at startup time. This directive can be used up to
-three times (referencing different filenames) when both a RSA, a DSA, and an
-ECC based server certificate is used in parallel.</p>
+This directive points to the file with the PEM-encoded certificate,
+optionally also the corresponding private key, and - beginning with
+version 2.5.0-dev as of 2013-09-29 - DH parameters and/or an EC curve name
+for ephemeral keys (as generated by <code>openssl dhparam</code>
+and <code>openssl ecparam</code>, respectively). If the private key
+is encrypted, the pass phrase dialog is forced at startup time.
+</p>
+<p>
+This directive can be used up to three times (referencing different filenames)
+when both an RSA, a DSA, and an ECC based server certificate is used in
+parallel. Note that DH and ECDH parameters are only read from the first
+<code class="directive">SSLCertificateFile</code> directive.</p>
+
+<div class="note">
+<h3>DH parameter interoperability with primes > 1024 bit</h3>
+<p>
+Beginning with version 2.5.0-dev as of 2013-09-29, mod_ssl makes use of
+standardized DH parameters with prime lengths of 2048, 3072 and 4096 bits
+(from <a href="http://www.ietf.org/rfc/rfc3526.txt">RFC 3526</a>), and hands
+them out to clients based on the length of the certificate's RSA/DSA key.
+With Java-based clients in particular (Java 7 or earlier), this may lead
+to handshake failures - see this
+<a href="../ssl/ssl_faq.html#javadh">FAQ answer</a> for working around
+such issues.
+</p>
+</div>
+
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
</pre>
<li><code>-</code>: remove cipher from list (can be added later again)</li>
<li><code>!</code>: kill cipher from list completely (can <strong>not</strong> be added later again)</li>
</ul>
+
+<div class="note">
+<h3><code>aNULL</code>, <code>eNULL</code> and <code>EXP</code>
+ciphers are always disabled</h3>
+<p>Beginning with version 2.5.0-dev as of 2013-09-25, null and export-grade
+ciphers are always disabled, as mod_ssl unconditionally prepends any supplied
+cipher suite string with <code>!aNULL:!eNULL:!EXP:</code> at initialization.</p>
+</div>
+
<p>A simpler way to look at all of this is to use the ``<code>openssl ciphers
-v</code>'' command which provides a nice way to successively create the
correct <em>cipher-spec</em> string. The default <em>cipher-spec</em> string
<li><a href="#msie">Why do I get I/O errors when connecting via
HTTPS to an Apache+mod_ssl server with Microsoft Internet Explorer
(MSIE)?</a></li>
+<li><a href="#srp">How do I enable TLS-SRP?</a></li>
+<li><a href="#javadh">Why do I get handshake failures with Java-based clients when using a certificate with more than 1024 bits?</a></li>
</ul>
<h3><a name="random" id="random">Why do I get lots of random SSL protocol
</code></p></div>
+<h3><a name="javadh" id="javadh">Why do I get handshake failures with Java-based clients when using a certificate with more than 1024 bits?</a></h3>
+ <p>Beginning with version 2.5.0-dev as of 2013-09-29,
+ <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> will use DH parameters which include primes
+ with lengths of more than 1024 bits. Java 7 and earlier limit their
+ support for DH prime sizes to a maximum of 1024 bits, however.</p>
+
+ <p>If your Java-based client aborts with exceptions such as
+ <code>java.lang.RuntimeException: Could not generate DH keypair</code> and
+ <code>java.security.InvalidAlgorithmParameterException: Prime size must be
+ multiple of 64, and can only range from 512 to 1024 (inclusive)</code>,
+ and httpd logs <code>tlsv1 alert internal error (SSL alert number 80)</code>
+ (at <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> <code>info</code>
+ or higher), you can either rearrange mod_ssl's cipher list with
+ <code class="directive"><a href="../mod/mod_ssl.html#sslciphersuite">SSLCipherSuite</a></code>
+ (possibly in conjunction with <code class="directive"><a href="../mod/mod_ssl.html#sslhonorcipherorder">SSLHonorCipherOrder</a></code>),
+ or you can use the <code class="directive"><a href="../mod/mod_ssl.html#sslcertificatefile">SSLCertificateFile</a></code>
+ directive to configure custom DH parameters with a 1024-bit prime, which
+ will always have precedence over any of the built-in DH parameters.</p>
+
+ <p>To generate custom DH parameters, use the <code>openssl dhparam</code>
+ command. Alternatively, you can append the following standard 1024-bit DH
+ parameters from <a href="http://www.ietf.org/rfc/rfc2409.txt">RFC 2409</a>,
+ section 6.2 to the respective
+ <code class="directive"><a href="../mod/ssl.html#sslcertificatefile">SSLCertificateFile</a></code> file:</p>
+ <div class="example"><pre>-----BEGIN DH PARAMETERS-----
+MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR
+Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
+/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
+-----END DH PARAMETERS-----</pre></div>
+
+
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="support" id="support">mod_ssl Support</a></h2>
projects / thirdparty / apache / httpd.git / commitdiff
