I want to enable TLS 1.2 in Ubuntu server 18.
I have edited the /etc/apache2/mods-available/ssl.conf
, adding
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
SSLHonorCipherOrder on
but still Apache is using tls 1.0. Is it possible to activate tls 1.2?
The Apache version is Apache/2.4.29 (Ubuntu)
To enable TLS 1.2 in Apache, you will need to change/add the SSLProtocol directive.
To do any of this, mod_ssl should be enabled, if not, use the command sudo a2enmod ssl
.
SSLProtocol -all +TLSv1.2 #This makes Apache to support only TLSv1.2
You can also support TLSv1.3 if you have OpenSSL 1.1.1 or newer. You can check the OpenSSL version by running the command: openssl version
.
Edit:
You will also need Apache version 2.4.36 or more to use TLSv1.3.