I'm using Apache 2.2.4 version. I already know this version only support SSLv2, SSLv3 and TLSv1.0, but something weird happens when I use it:
When SSLv2 is disabled, the web browser (internet explorer in my case) uses SSLv3
SSL 3.0, 3DES with 168 bit encryption (High); RSA with 2048 bit exchange.
When I enable SSLv2, the web browser uses TLSv1.0:
TLS 1.0, AES with 256 bit encryption (High); RSA with 2048 bit exchange
And finally when I disable both protocols (SSLv2 and v3), web page doesn't load at all!
I used this config for Apache:
SSLProtocol all SSLCipherSuite all
Would you please explain this for me? How can use TLSv1.0 without enabling SSLv2?