SSL 2.0 and SSL 3.0 having lots of known vulnerabilities like POODLE (CVE-2014-3566), That’s why latest browsers has removed supported to these vulnerable protocols. We also recommend to move your server to use TLS versions and specifically to TLS 1.2. This tutorial will help you to enable TLS 1.2 in mod_ssl and Apache server.
Enable TLS 1.2 Only
Edit Apache ssl configuration file on your server and add following settings. This will disable all older protocols and you Apache server and enable TLSv1.2 only.
SSLProtocol -all +TLSv1.2
Enable TLS 1.1 and 1.2 Both
As per article written
here POODLE vulnerability expands beyond SSLv3 to TLS 1.0 and 1.1. So we don’t recommend to use this for production server but if you want to enable this for your development. You can do following configuration.
SSLProtocol -all +TLSv1.1 +TLSv1.2
After making changes in your configuration file, restart Apache service to apply new settings.
Thanks for Visit Here
Comments
Post a Comment