Recently in the news was an announcement that the PCI standards in the UK will outlaw the use of TLS1.0.
Unfortunately, this means that we're going to have to stop using TLS1.0 on our web servers for ecommerce by summer next year.
We want to know for sure what percentage of our users are connecting to the site using TLS1.0 in order to determine the impact of this and what our response needs to be.
Is there a module or something for Apache that will allow us to do this? Can I just use the normal logging stuff?
The site has a lot of traffic, so logging SSL stuff on a debug level may quickly fill our hard disks...
Custom Log can be used with the following env variables: http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#envvars
Examples just below that in the next section: http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#logformats