The Mod_ssl 2.8.x issue which is affecting your PCI compliance is a false positive as far as our servers are concerned. We run Apache 2.2.x on our servers which has inbuilt mod_ssl support and the version of mod_ssl is same as what we have for Apache due to this.
The mod_ssl official site is http://www.modssl.org/ and you can see that there is no mod_ssl version available for Apache 2.x or 2.2.x at this time. The mod_ssl 2.8.xx versions are all available for a much older version of Apache (i.e 1.3.xx). You need to file in a false positive report for this issue with your PCI scanning company for this issue.