Chapter 1. New features and enhancements

The archive file distributions of JBCS 2.4.62 Service Pack 1 for Red Hat Enterprise Linux (RHEL) versions 9 and 10 include a version.txt file that provides the following product version details:

httpd packaged with JBCS 2.4.62 SP1

From the 2.4.62 Service Pack 1 release onward, the JBCS archive file distribution for RHEL 9 supports the mod_auth_openidc package that the RHEL 9 platform provides.

From the 2.4.62 Service Pack 1 release onward, the default ssl.conf file disables all of the following older security protocols: SSLv2, SSLv3, TLSv1, and TLSv1.1

For example:

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLProxyProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

This supersedes the behavior in earlier releases where the default ssl.conf file disabled the SSLv2 protocol only.

This enhancement helps to ensure that only the TLSv1.2 and TLSv1.3 protocols are used for secure connections by default.