Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Enable TLS 1.2 on cPanel

Discussion in 'Security' started by DPNmw, Apr 11, 2017.

Tags:
  1. DPNmw

    DPNmw Member

    Joined:
    Jan 6, 2016
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I would like to know if it's possible to enable tsl 1.2 support on my cpanel server and if yes where can I go to find information on that as I've been searching and can't find a direct up to date answer.

    I currently have a cloud vps with
    • CENTOS 6.9 x86_64 kvm
    • WHM 62.0 (build 20)

    • Easy Apache 4 (Apache 2.4, PHP 5.5, PHP 5.6, and PHP 7.0 )
     
    #1 DPNmw, Apr 11, 2017
    Last edited by a moderator: Apr 11, 2017
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
  3. DPNmw

    DPNmw Member

    Joined:
    Jan 6, 2016
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Unfortunately no, I need to know how to enable the TLS 1.2 and not conflict with cpanel.

    That reference document only explains the difference in tls and services impacted.

    Is there any document that you can link me to that will guide the change from 1.1 to 1.2 without breaking or conflicting with anything
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you provide some more background on what's leading to issues with TLS 1.2 so we can offer more concise instructions? For instance, is this for Apache, or another service (e.g. FTP, cpsrvd)? Is it related to a PCI compliance scan?

    Thank you.
     
  5. WorkinOnIt

    WorkinOnIt Well-Known Member

    Joined:
    Aug 3, 2016
    Messages:
    113
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Hello - I also have this issue. How can I check if TLS 1.2 is possible / enabled on the cpanel server?

    The reason for doing this is PCI compliance. PayPal are mandating that all HTTPS traffic for e.g. IPN etc, must be TLS 1.2
    Date Change for Migrating from SSL and Early TLS
     
  6. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,658
    Likes Received:
    1,427
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Support for TLS 1.2 connections is enabled by default with the OpenSSL package available in CentOS 6 or newer. If you are still using CentoS 5 (it's at end-of-life status), then the you'd need to use a manual workaround like the one referenced on the following thread:

    Update cPanel to TLS 1.2 without modifying system files [php5 + curlssl + apache2.4.x]

    The current plan is to automatically set TLS defaults to be suitable for TLS 1.2 only starting in cPanel version 68, however you can manually configure this now by following the instructions on the thread below:

    I need to disable TLS v1.0

    Thank you.
     
  7. WorkinOnIt

    WorkinOnIt Well-Known Member

    Joined:
    Aug 3, 2016
    Messages:
    113
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    UK
    cPanel Access Level:
    Root Administrator
    Great thanks. I was able to see it listed in phpinfo also.
     
    cPanelMichael likes this.
Loading...

Share This Page