disable outdated version of SSL/TLS in apache

Hi Techrunnr readers, this document deals with how to disable outdated version of SSL/TLS in apache.


AS per the new PCI compliance following SSL protocols should be disabled from the server side.

  • TLS 1.0/1.1
  • SSL 2.0/3.0

The above SSL protocols don’t provide any sort of protection while data transfer. Some cases of TLS 1.0 leads to Man In the Middle attack.

Here are the following steps to disable above-mentioned SSL protocols,

Add the the ssl.conf in /etc/httpd/conf.d/ by commenting on the existing

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

Add the following line in the same file by commenting the existing.

SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on

Then do a service restart for applying the new configuration.

© 2018, Techrunnr. All rights reserved.

#1
Questions Answered
Articles Written
Overall Points

Prabhin Prabharkaran

He is Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!!

Leave a Reply

Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.