SSL-модуль Apache2

---

Возможно, вы просто забыли включить модуль SSL. Сначала убедитесь, что вы используете (как root илиsudo):

a2enmod ssl

Затем вы можете попробовать перезапустить веб-сервер Apache2.

---

Важные примечания для будущих читателей

SSL 1.0, 2.0, 3.0(wikipedia)Они больше не поддерживаются в последней версии OpenSSL.

TLS 1.0(википедия)

Эта версия TLS 1999 года, я бы посоветовал ее отключить.

TLS 1.1(википедия)

Эта версия TLS 2006 года, и ни одна текущая (2019 )ОС/программа явно не зависит от него, я бы посоветовал его тоже отключить.

Вы можете прочитать об устаревании версий до -1.2 в статье DigiCert . Выдержка следует:

Older Protocols Are a Security Risk The existence of TLS 1.0 and 1.1 on the internet primarily acts as a security risk—these protocols are almost universally supported by servers, but their use by clients is closer to the inverse. Clients that need to use these versions are suffering from their shortcomings. The rest of the internet is vulnerable to downgrade attacks (which force users onto weaker versions of TLS to exploit the known vulnerabilities) for almost no practical benefit. For most of these servers, older versions of TLS are likely left on “just in case,” or someone forgot to turn them off when they turned on newer versions.

TLS 1.2(википедия)

Независимо от того, что он был определен в 2008 году, в 2019 году он нам нужен из соображений совместимости.

TLS 1.3(википедия)

После стольких лет такое большое обновление протокола, что если вы можете включить его, пожалуйста, сделайте это уже.

Пример конфигурации модуля SSL

## Pseudo Random Number Generator (PRNG):
## Configure one or more sources to seed the PRNG of the SSL library.
## The seed data should be of good random quality.
## WARNING! On some platforms /dev/random blocks if not enough entropy
## is available. This means you then cannot use the /dev/random device
## because it would lead to very long connection times (as long as
## it requires to make more entropy available). But usually those
## platforms additionally provide a /dev/urandom device which doesn't
## block. So, if available, use this one instead. Read the mod_ssl User
## Manual for more details.
# I changed the default values of 512 to 1024
SSLRandomSeed    startup    builtin
SSLRandomSeed    startup    file:/dev/urandom    1024
SSLRandomSeed    connect    builtin
SSLRandomSeed    connect    file:/dev/urandom    1024

## Some MIME-types for downloading Certificates and CRLs
AddType    application/x-x509-ca-cert   .crt
AddType    application/x-pkcs7-crl      .crl

## Pass Phrase Dialog:
## Configure the pass phrase gathering process.
## The filtering dialog program (`builtin' is a internal
## terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog    exec:/usr/share/apache2/ask-for-passphrase

## Inter-Process Session Cache:
## Configure the SSL Session Cache: First the mechanism
## to use and second the expiring timeout (in seconds).
## (The mechanism dbm has known memory leaks and should not be used).
# I changed the default timeout of 300 to 600
SSLSessionCache           shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout    600

## Disabling SSLSessionTickets ensures Perfect Forward Secrecy
## is not compromised if the server is not restarted regularly
# I changed the default value as I won't restart the webserver
SSLSessionTickets    Off

## Semaphore:
## Configure the path to the mutual exclusion semaphore the
## SSL engine uses internally for inter-process synchronization.
## (Disabled by default, the global Mutex directive consolidates by default this)
#Mutex    file:${APACHE_LOCK_DIR}/ssl_mutex    ssl-cache

## The protocols to enable:
## Available values: all, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
## SSLv2 and SSLv3 are no longer supported
# I prefer the latest TLSv1.3 and TLSv1.2 for compatibility reasons
# TLSv1 / TLSv1.1 are 20 / 13 years old, so decided to disable them
SSLProtocol    -all    +TLSv1.3 +TLSv1.2

# Enabling compression causes security issues in most setups (the so called CRIME attack).
SSLCompression Off

## SSL server cipher order preference:
## Use server priorities for cipher algorithm choice.
## Clients may prefer lower grade encryption. You should enable this
## option if you want to enforce stronger encryption, and can afford
## the CPU cost, and did not override SSLCipherSuite
## in a way that puts insecure ciphers first.
# I changed the default value because:
# - I can afford the extra CPU costs
# - I want to force the clients to honor my cipher preferences
SSLHonorCipherOrder    On

## SSL Cipher Suites:
## List the ciphers that the client is permitted to negotiate. See the
## ciphers(1) man page from the openssl package for list of all available options.
# I can always run `openssl ciphers` to find all currently available ciphers
# As for TLSv1.3 the TLS_AES_128_GCM_SHA256 is mandatory as per RFC 8446:
# https://tools.ietf.org/html/rfc8446#section-9
SSLCipherSuite    TLSv1.3    TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
SSLCipherSuite    SSL        ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256


## Don't allow insecure renegotiation with clients which
## do not yet support the secure renegotiation protocol.
SSLInsecureRenegotiation    Off

## Forbid non-SNI clients to access name based virtual hosts
# I changed the default value as I want to
# reject all of the old / archaic clients
SSLStrictSNIVHostCheck    On

# Allow these elliptic curves and prefer the safe X25519 for TLSv1.3
SSLOpenSSLConfCmd    Curves    X25519:secp521r1:secp384r1:prime256v1

# Enable OSCP Stapling cache
SSLStaplingCache    shmcb:${APACHE_RUN_DIR}/ssl_stapling_cache(128000)

Почему я использую только шифры AES

Поскольку современные ЦП значительно ускоряют их Набор инструкций AES , как показано ниже: