Resolved How to set SSL to use TLSv1.2 through Let's Encrypt?

[Cawe COy]

Hello I am a new Plesker

I am using Lets Encrypt to generate SSL certificate automatically each 3 month. The current SSL is using TLSv1.0 but I need it to use TLSv1.2.

Additional info:

# plesk -v
Product version: 12.5.30 Update #76
    Update date: 2018/05/07 04:11
     Build date: 2016/06/08 10:00
     OS version: CentOS 5.11
       Revision: 344620
   Architecture: 64-bit
Wrapper version: 1.2

I am using Nginx as server.

Also, I've tried to enable only TLSv1.2 in my server, but it's failed:

# /usr/local/psa/bin/server_pref -u -ssl-protocols "TLSv1.2"
[2018-09-25 10:05:15] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/sslmng' '--protocols' 'TLSv1.2'] with exit code [1]
sslmng failed: WARNING:Ignoring unsuppored protocol TLSv1.2
ERROR:No supported protocols supplied

Strange, because it seems that TLSv1.2 is available...

# /usr/local/psa/bin/server_pref -s | grep ssl-protocols
ssl-protocols:    TLSv1 TLSv1.1 TLSv1.2

Can anyone help me to get this working?

Thanks in advance!

 

[Cawe COy]

I just solved the problem...

1. Change manually nginx config to

   ssl_protocols TLSv1.2;

2. Download (wget) and install (configure, make & make install) curl 7.34 which is compatible with TLSv1.2. Check if version is correct now:

   curl --version

3. Download (wget) and install (configure, make & make install) openssl 1.0.1 which is compatible with TLSv1.2. Check if version is correct now:

   openssl version

4. Download (wget) and reinstall (configure, make & make install) php. At the "configure" part, reference the directory where is the just updated curl and openssl through the parameters

   --with-curl=/usr/bin

   and

   --with-openssl-dir=/usr/local/bin

   . Ps: to find the directory where is the openssl and curl installed, just run

   which openssl

   and

   which curl