The configuration settings i set in httpd.conf don't seem to be actually working. After restarting Apache I used some online SSL check type websites and it appears that Apache isn't using the SSLProtocol configurations.
Tests show that SSL v3 is still enabled even though it is set not to in my apache config file.
I've had to install a separate certificate in a different VZ container and followed the same process and everything appears to be working fine.
Here is what I have in my httpd.conf
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5
<VirtualHost 1.1.1.1:443>
ServerName domain.org
ServerAlias www.domain.org
DocumentRoot /var/www/html
SSLEngine on
SSLCertificateKeyFile /etc/httpd/ssl/domain.org.key
SSLCertificateFile /etc/httpd/ssl/domain_org.crt
SSLCertificateChainFile /etc/httpd/ssl/bundle.crt
</VirtualHost>
Are there any settings that could be overriding the SSLProtocol configuration ? I just need a point in the right direction to try and figure out what it going on here as it is my understanding that i have everything setup correctly.
