CodexBloom - Programming Q&A Platform

Apache 2.4 mod_ssl Configuration Causing 'SSL Handshake scenarios' with Specific Client

👀 Views: 135 💬 Answers: 1 📅 Created: 2025-06-04
apache mod_ssl ssl https Apache

I'm trying to configure Hey everyone, I'm running into an issue that's driving me crazy. I'm working with a scenario with my Apache 2.4 server that uses mod_ssl for HTTPS. I've set up the server to enforce SSL connections, and while it works well for most clients, I have one specific client that is consistently receiving an 'SSL handshake failed' behavior. The client is using an older version of a common web application framework which might be causing compatibility issues. Here's the relevant part of my Apache configuration:

```apache
<VirtualHost *:443>
    ServerName example.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/example.com.key
    SSLCertificateChainFile /etc/ssl/certs/intermediate.crt

    SSLProtocol all -SSLv2 -SSLv3
    SSLCipherSuite HIGH:!aNULL:!MD5

    <Directory /var/www/html>
        AllowOverride All
        Require all granted
    </Directory>
</VirtualHost>
```

I've checked the logs and see this behavior message in the Apache behavior log:

```
[ssl:warn] [pid 1234:tid 140123456789056] AH01906: SSLFipsMode set to 0 but the system was built with FIPS mode enabled.
[ssl:info] [pid 1234:tid 140123456789056] AH01914: Connect failed (SSL handshake failed) for example.com:443
```

I've already tried adjusting the `SSLProtocol` and `SSLCipherSuite`, but that didn't help. Additionally, I verified that the client's application is trying to connect with outdated SSL protocols which I have already disabled in my configuration. I suspect that the scenario might be related to the FIPS mode warning, but I'm not sure how to properly address it or if there's something else at play.

Is there a recommended approach to troubleshoot this further or specific configurations I should consider to ensure compatibility with this client?

For context: I'm using Apache on Linux. What's the best practice here? For context: I'm using Apache on Ubuntu 20.04. Is this even possible?
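To check whether the posted `SSLProtocol` line can ever overlap with what a legacy client offers, the sketch below resolves the directive's tokens following the `+`/`-`/bare-token rules of mod_ssl 2.4. It is an added example, not part of the original post and not mod_ssl's own code. The protocol list assumes an OpenSSL 1.1.1 build with SSLv3 compiled in, and the client profiles are constructed.

```python
# Added example: models how an Apache 2.4 SSLProtocol argument folds into a protocol set.
# Assumption: OpenSSL 1.1.1 build with SSLv3 compiled in, so "all" expands to this list.
ALL = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]


def resolve_ssl_protocol(directive, available=ALL):
    """Return the protocols left enabled by an SSLProtocol argument string."""
    enabled = set()
    for token in directive.split():
        action, name = "", token
        if token[0] in "+-":
            action, name = token[0], token[1:]
        if name.lower() == "sslv2":
            # Apache 2.4 has no SSLv2: "-SSLv2" is a no-op, any other use is a config error.
            if action == "-":
                continue
            raise ValueError("SSLProtocol: SSLv2 is no longer supported")
        if name.lower() == "all":
            selected = set(available)
        else:
            selected = {p for p in available if p.lower() == name.lower()}
            if not selected and action != "-":  # removing an absent protocol is harmless
                raise ValueError(f"SSLProtocol: unknown or unavailable protocol {name!r}")
        if action == "+":
            enabled |= selected
        elif action == "-":
            enabled -= selected
        else:
            enabled = selected  # a bare token replaces everything set before it
    return [p for p in available if p in enabled]


def handshake_possible(directive, client_offers, available=ALL):
    """True if at least one protocol version the client offers is still enabled."""
    return bool(set(resolve_ssl_protocol(directive, available)) & set(client_offers))


if __name__ == "__main__":
    posted = "all -SSLv2 -SSLv3"  # directive from the question
    print("enabled:", resolve_ssl_protocol(posted))
    # Constructed client profiles, not taken from the question.
    profiles = [("SSLv3-only", ["SSLv3"]), ("TLSv1-only", ["TLSv1"]), ("modern", ["TLSv1.2", "TLSv1.3"])]
    for label, offers in profiles:
        print(label, "->", "overlap" if handshake_possible(posted, offers) else "no overlap, handshake fails")
```

The set Apache actually negotiates can be narrower than this result, because the OpenSSL library and its system-wide policy can disable protocol versions and ciphers independently of the virtual host.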