Here is what is set in my httpd.conf
SSLProtocolDisable SSLv2 SSLv3 TLSv10 TLSv11
SSLProtocolEnable TLSv12
SSLCipherSpec ALL NONE
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
SSLCipherSpec TLSv12 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
But your test says that TLS 1.1 is enabled. Any explanation ? thanks
Mr. Clement,
What you may be seeing is that TLS 1.0 could be getting used during the client hello part of your packets. Need to do a capture to be sure.
Typically I would recommend you disable ALL protocols then enable only the ones you want like you did for the CipherSpec.
I did this in Apache.
David