apacheubuntu-12.04mod-ssl

SSL issue with apache 2.2/Ubuntu 12.04


We use apache 2.2, PHP 5.3 for a app running on Ubuntu 12.04 LTS. Currently we face a issue with ssltest.

"This server supports weak Diffie-Hellman (DH) key exchange parameters. Grade capped to B"

https://security.stackexchange.com/questions/53537/how-to-get-an-a-on-qualys-ssl-labs-with-apache-2-2

This problem can be resolved if we upgrade to apache 2.4 or if we upgrade to > 2.2.26.

Is there a safe way to upgrade to apache 2.4 without upgrading PHP?

Since the application won't run on higher versions of PHP.


Solution

  • https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1197884

    The above ticket addresses the issue. Version 2.2.22-1ubuntu1.9 of apache just released fixes it