Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Unable to Enable only TLS1.0, 1.1 and 1.2 on apache

Discussion in 'Security' started by cseufert, Mar 1, 2018.

Tags:
  1. cseufert

    cseufert Member

    Joined:
    Aug 11, 2017
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    Hi,

    I am running v68.0.29 and recently updated our server settings to only accept TLSv1.2, however we still need to support TLSv1.0 for some older clients.

    I have tried changing the SSLProtocols to many things via the whm apache configuration.

    -all +TLSv1.0 +TLSv1.1 +TLSv1.2
    TLSv1.0 +TLSv1.2
    all -SSLv2 -SSLv3 +TLSv1.0 +TLSv1.2

    and whenever I run an SSLlabs test, or try connecting with openssl client only the TLSv1.2 connection can be used.

    Open SSL command im using:
    openssl s_client -connect example.net:433 -tls1

    What am I missing?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,245
    Likes Received:
    1,759
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Try using this string:

    Code:
    All -SSLv2 -SSLv3
    Also, note that SSLLabs can sometimes cache data, so ensure the information you see from them is updated and not cached.

    Thank you.
     
Loading...

Share This Page