Hope, mentioned version of OpenSSL, Apache & Linux OS will support TLS 1.2. Ran command ‘nmap –script ssl-enum-ciphers -p 443 hostname’ in linux and returned SSLv3, TLSv1.0 enabled. Gump became obsolete around the same time when many of the components used in Java projects became part of the standard Java API, and others such as Ant and. still same error.Īlso tried different set of SSLCipersuite from Set this SSLHonorCipherOrder in nf file both on / off. SSLProtocol -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2Īfter restarting httpd service, getting error ‘illegal Protocol TLSv1.1’ as below. Tried to enable TLS 1.2 in /conf/extra/nf in Apache 2.4.10 as below combinations.Īfter restarting httpd service, getting error ‘illegal Protocol TLSv1.2’ as below.ĪH00526: Syntax error on line 260 of /opt/NSAx/apache2.4-npservers/conf/extra/nf: The simplest Apache VirtualHost with SSL looks like below Īfter making changes in your configuration file, restart the Apache service to apply new settings.
#APACHE ANT OBSOLETE UPGRADE#
You must upgrade Apache packages before enabling TLS 1.3 in SSL settings. The Apache version 2.4.38 or higher versions support TLS v1.3. SSLCertificateKeyFile /etc/letsencrypt/live//privkey.pem The minimal Apache virtual host with SSL looks like this: This will disable all older protocols and your Apache server and enable TLSv1.2 only. Enable TLS 1.2 only in Apacheįirst, edit the virtual host section for your domain in the Apache SSL configuration file on your server and add set the SSLProtocol as followings. Generally Debian based systems have there files under /etc/apache2/sites-enabled directory.Īnd the Redhat (RPM) based system have there configuration in /etc/httpd/conf/nf file or a sperate file under /etc/httpd/conf.d directory. Also search for the SSL virtual host configuration file your system. To enable TLS 1.3 you must have Apache version 2.4.38 or higher on your system.
#APACHE ANT OBSOLETE INSTALL#
Install and Use Let’s Encrypt SSL with Apache.This tutorial will help you to enable TLS 1.2 and TLS 1.3 in mod_ssl and Apache servers. We also recommend moving your server to use TLS versions and specifically to TLS 1.2. All the SSL and TLS versions older than 1.2 are having lots of known vulnerabilities like POODLE (CVE-2014-3566), That’s why the latest browsers have removed support for these vulnerable protocols.