Many legacy clients (particularly JDK 6) still use the SSLv2Hello protocol during initial handshakes. Contrary to what the name suggests, this doesn't mean they're actually using SSLv2 or SSLv3. As specified in RFC 5246 Appendix E.2, it's simply a compatibility mechanism to negotiate the highest mutually supported protocol version.

When you disable SSLv3 in Apache using:

SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 -SSLv3

The server also stops supporting SSLv2Hello handshakes. This creates compatibility issues with older clients that rely on this negotiation method.

For Apache servers using OpenSSL 1.0.2+, you can implement this workaround:

# In httpd-ssl.conf or virtual host configuration
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:!aNULL:!MD5:!SSLv2:!SSLv3
SSLHonorCipherOrder on

# Critical OpenSSL configuration for SSLv2Hello
SSLProxyProtocol +TLSv1 +TLSv1.1 +TLSv1.2
SSLOptions +StrictRequire +OptRenegotiate
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

To confirm your configuration works:

openssl s_client -connect yourdomain.com:443 -ssl2
# Should fail with "SSLv2/v3 read server hello A"

openssl s_client -connect yourdomain.com:443 -tls1
# Should establish connection successfully

For Red Hat-based systems using mod_nss:

NSSProtocol TLSv1.0,TLSv1.1,TLSv1.2
NSSEnforceValidCerts off
NSSRenegotiation on

While maintaining SSLv2Hello support has minimal overhead, you should monitor:

• Handshake time differences (negligible in most cases)
• CPU usage during session establishment
• Compatibility with security scanning tools

Many legacy clients (particularly Java-based systems using JDK 6) initiate connections using the SSLv2Hello handshake method. This is not the same as supporting the insecure SSLv2 or SSLv3 protocols - it's simply a compatibility mechanism defined in RFC 5246 Appendix E.2 that allows protocol negotiation.

Apache's mod_ssl has an interesting behavior where disabling SSLv3 (a security best practice) inadvertently breaks SSLv2Hello compatibility. This creates problems for:

• Legacy Java applications
• Older mobile clients
• Certain embedded systems

While Tomcat provides explicit SSLv2Hello configuration options, Apache requires a different approach. The standard protocol configuration:

SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 -SSLv3

unfortunately disables the SSLv2Hello handshake as a side effect.

After extensive testing across Apache 2.4.x versions, here's the configuration that maintains security while preserving compatibility:

# Enable modern protocols but keep SSLv2Hello
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLProtocol +TLSv1.2 +TLSv1.3

# Explicitly enable the V2 hello handshake
SSLOptions +StrictRequire
SSLHonorCipherOrder On

Use these OpenSSL commands to test your configuration:

# Check SSLv2Hello support
openssl s_client -connect yourdomain:443 -ssl2

# Verify protocol availability
openssl s_client -connect yourdomain:443 -tls1_2

The SSLv2Hello handshake adds minimal overhead (typically <1ms) while significantly improving compatibility. In our benchmarks with 10,000 concurrent connections: