Disable TLS 1.0 not working

Discussion in 'Server Operation' started by darkness_08, Oct 7, 2018.

  1. darkness_08

    darkness_08 New Member

    Currently I'm trying to disable TLS1.0 on my Apache 2.4.
    I added the following line in ISPConfig:

    SSLProtocol -all +TLSv1.2
    But ssllabs still says:
    How can I set SSLProtocol. I've tried ssl.conf to set it global but it didn't work either.
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    I doubt that setting SSLProtocol for a single vhost can work. I guess you will have to set it global plus ensure that no other vhost on that server uses a different setting for SSLProtocol.
  3. darkness_08

    darkness_08 New Member

    Thx Till,
    I found this:
    So, maybe it will work later.
    Btw. Where can I change the ISPConfig Default apache.vhost. Every single vhost contains:
    SSLProtocol All -SSLv2 -SSLv3
    Should I change the vhost.conf.master or is there another way?
  4. ahrasis

    ahrasis Well-Known Member

    Mostly in /usr/local/ispconfig/server/conf/; so copy the one that you need to /usr/local/ispconfig/server/conf-custom/ and modify there, as the one in /conf/ will be overwritten on ISPConfig update. Use resync to update all vhost automatically thereafter.

Share This Page