Disable TLS 1.1 as default

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,347
Location
LT, EU
It doesn't remove custom httpd-ssl.conf, if it's setup in /usr/local/directadmin/custombuild/custom/ap2/conf/extra/ (official method).

Regarding TLS v1.1 - maybe /usr/local/directadmin/custombuild/custom/ap2/conf/ is the reason, if there is something inside? :)
 

BodisHS

Verified User
Joined
Jan 30, 2017
Messages
8
It doesn't remove custom httpd-ssl.conf, if it's setup in /usr/local/directadmin/custombuild/custom/ap2/conf/extra/ (official method).

Regarding TLS v1.1 - maybe /usr/local/directadmin/custombuild/custom/ap2/conf/ is the reason, if there is something inside? :)
I removed "httpd-ssl.conf" from that folder. There is nothing else in that folder.
Any idea how i renew the config, so it will pick up your intermediate setting? I'm running nginx_apache, if that helps
 
Last edited:

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,347
Location
LT, EU
What's the output of:
Code:
grep 'SSLProtocol' /etc/httpd/conf/extra/httpd-ssl.conf
 

BodisHS

Verified User
Joined
Jan 30, 2017
Messages
8
What's the output of:
Code:
grep 'SSLProtocol' /etc/httpd/conf/extra/httpd-ssl.conf
Sorry for the late response.
The output is: SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

Update: Now it only providing TLS1.2. Might have been cache, but it's working now. Thankyou

Next step will be TLS 1.3, but will have to migrate to CentOS 8 for the newer OpenSSL 1.1.1
 
Last edited:
Top