disable outdated version of SSL/TLS in apache1 min read

Prabhin Prabharkaran Administrator
DevOps Engineer

He is a Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!

follow me

disable outdated version of SSL/TLS in apache

Hi Techrunnr readers, this document deals with how to disable outdated version of SSL/TLS in apache.

AS per the new PCI compliance following SSL protocols should be disabled from the server side.

  • TLS 1.0/1.1
  • SSL 2.0/3.0

The above SSL protocols don’t provide any sort of protection while data transfer. Some cases of TLS 1.0 leads to Man In the Middle attack.

Here are the following steps to disable above-mentioned SSL protocols,

Add the the ssl.conf in /etc/httpd/conf.d/ by commenting on the existing

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

Add the following line in the same file by commenting the existing.

SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on

Then do a service restart for applying the new configuration.

© 2018, Techrunnr. All rights reserved.

Questions Answered
Articles Written
Overall Points

Related posts

Leave a Reply