Enable TLS 1.2 Apache

apache tls1.2 tls1.0
Lorik H picture Lorik H · Jan 16, 2020 · Viewed 23.4k times · Source

I want to enable TLS 1.2 in Ubuntu server 18.

I have edited the /etc/apache2/mods-available/ssl.conf, adding 

SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on

but still Apache is using tls 1.0. Is it possible to activate tls 1.2?

The Apache version is Apache/2.4.29 (Ubuntu)

Answer

Example person picture Example person · Jan 16, 2020

To enable TLS 1.2 in Apache, you will need to change/add the SSLProtocol directive.

To do any of this, mod_ssl should be enabled, if not, use the command sudo a2enmod ssl.

SSLProtocol -all +TLSv1.2 #This makes Apache to support only TLSv1.2

You can also support TLSv1.3 if you have OpenSSL 1.1.1 or newer. You can check the OpenSSL version by running the command: openssl version.

Edit:

You will also need Apache version 2.4.36 or more to use TLSv1.3.

Related questions

How should I proceed with upgrading to TLS 1.2?

EDIT: We have gotten a new server with updated openssl and are all set, so I'm voting to close this question. We got this email from Authorize.NET about some technical updates. I am trying to figure out what needs …

Read More
Error message "Forbidden You don't have permission to access / on this server"

I have configured my Apache by myself and have tried to load phpMyAdmin on a virtual host, but I received: 403 Forbidden You don't have permission to access / on this server My httpd.conf # # This is the main Apache HTTP server …

Read More
XAMPP, Apache - Error: Apache shutdown unexpectedly

I've just re-installed XAMPP, and when I try to start my Apache server in the XAMPP Control Panel, I now get the following errors: 16:50:25 [Apache] Status change detected: running 16:50:26 [Apache] Status change detected: stopped 16:50:26 [Apache] Error: Apache shutdown unexpectedly. 16:50:26 [Apache] …

Read More