[Mon Jul 28 16:55:00.120780 2025] [ssl:warn] [pid 1789205:tid 1789205] AH02532: SSLProtocol: Protocol ‘all’ overrides already set parameter(s). Check if a +/- prefix is missing.
Dear developers. Please pay attention to this. After updating Apache and restarting, the warning that I posted above appears.
apache2 (2.4.64-2) unstable; urgency=medium
RFC 8996 published by the IETF in March 2021,
mandates the formal deprecation of Transport
Layer Security (TLS) versions 1.0 and 1.1 due
to significant security vulnerabilities and limitations.
These older protocols lack support for modern cryptographic
algorithms and are prone to exploits that threaten data
confidentiality and integrity. In alignment with RFC 8996,
we disable by default this protocols.
.
This change can cause older applications or systems
to break if they haven’t been updated to support
TLS 1.2 or 1.3.
– Bastien Roucariès [email protected] Thu, 17 Jul 2025 18:03:42 +0200
Maybe this will help someone
In the file /etc/apache2/mods-enabled/ssl.conf find the following line:
SSLProtocol all all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
And replace with - SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
That is, remove the duplicate parameter “all”
The problem was found on debian 12