• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Resolved How to set SSL to use TLSv1.2 through Let's Encrypt?

C

Cawe COy

New Pleskian
Hello I am a new Plesker :)

I am using Lets Encrypt to generate SSL certificate automatically each 3 month. The current SSL is using TLSv1.0 but I need it to use TLSv1.2.

Additional info:

Code: 
# plesk -v
Product version: 12.5.30 Update #76
    Update date: 2018/05/07 04:11
     Build date: 2016/06/08 10:00
     OS version: CentOS 5.11
       Revision: 344620
   Architecture: 64-bit
Wrapper version: 1.2

I am using Nginx as server.

Also, I've tried to enable only TLSv1.2 in my server, but it's failed:

Code: 
# /usr/local/psa/bin/server_pref -u -ssl-protocols "TLSv1.2"
[2018-09-25 10:05:15] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/sslmng' '--protocols' 'TLSv1.2'] with exit code [1]
sslmng failed: WARNING:Ignoring unsuppored protocol TLSv1.2
ERROR:No supported protocols supplied

Strange, because it seems that TLSv1.2 is available...

Code: 
# /usr/local/psa/bin/server_pref -s | grep ssl-protocols
ssl-protocols:    TLSv1 TLSv1.1 TLSv1.2

Can anyone help me to get this working?

Thanks in advance!
 
Last edited:
I just solved the problem...

  1. Change manually nginx config to
    Code: 
    ssl_protocols TLSv1.2;
  2. Download (wget) and install (configure, make & make install) curl 7.34 which is compatible with TLSv1.2. Check if version is correct now:
    Code: 
    curl --version
  3. Download (wget) and install (configure, make & make install) openssl 1.0.1 which is compatible with TLSv1.2. Check if version is correct now:
    Code: 
    openssl version
  4. Download (wget) and reinstall (configure, make & make install) php. At the "configure" part, reference the directory where is the just updated curl and openssl through the parameters
    Code: 
    --with-curl=/usr/bin
    and
    Code: 
    --with-openssl-dir=/usr/local/bin
    . Ps: to find the directory where is the openssl and curl installed, just run
    Code: 
    which openssl
    and
    Code: 
    which curl
 
You must log in or register to reply here.

Similar threads

A
Resolved Let's Encrypt certificate with SSL It -> using wrong certificates
Replies
14
Views
3K
lightingman2003
L
S
Issue Let's Encrypt Saving New Certificates under different Name
Replies
2
Views
1K
smpnjn
S
O
Resolved Enabling TLS 1.2 and 1.3 - Not working
Replies
10
Views
6K
learning_curve
learning_curve
M
Forwarded to devs SSL It! / Let's Encrypt - Could not obtain directory: Host must be a string
Replies
3
Views
1K
zanuda
zanuda
Stuart De Usoz
Resolved Lets Encrypt not working
Replies
5
Views
3K
The 8th
The 8th
Back
Top