Mahfuz-SS-EHL
Verified User
- Joined
- Oct 11, 2019
- Messages
- 6
Hi,
I have followed this guideline to disable TLSv1.1 : https://www.directadmin.com/features.php?id=2442
I have the following 4 files,
/usr/local/directadmin/data/templates/custom/openlitespeed_listener.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_redirect_vhost.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_vhost.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_ips.conf.CUSTOM.2.pre
with the code |?SSLPROTOCOL=24|
It disabled TLSv1.1 but I can't set specific cipher list from https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate or https://cipherli.st/
Can anyone tell me what codes will it need to set ciphers.
I tried,
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384
It didn't help. I tried,
|?SSLCipherSuite=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384|
It didn't help either. How to do this ??
I actually need these to be implemented,
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
But, this is Apache Setting. Please, guide.
I have followed this guideline to disable TLSv1.1 : https://www.directadmin.com/features.php?id=2442
I have the following 4 files,
/usr/local/directadmin/data/templates/custom/openlitespeed_listener.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_redirect_vhost.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_vhost.conf.CUSTOM.2.pre
/usr/local/directadmin/data/templates/custom/openlitespeed_ips.conf.CUSTOM.2.pre
with the code |?SSLPROTOCOL=24|
It disabled TLSv1.1 but I can't set specific cipher list from https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate or https://cipherli.st/
Can anyone tell me what codes will it need to set ciphers.
I tried,
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384
It didn't help. I tried,
|?SSLCipherSuite=ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384|
It didn't help either. How to do this ??
I actually need these to be implemented,
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305HE-RSA-AES128-GCM-SHA256HE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
SSLUseStapling On
SSLStaplingCache "shmcb:logs/ssl_stapling(32768)"
But, this is Apache Setting. Please, guide.