• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • We are looking for U.S.-based freelancer or agency working with SEO or WordPress for a quick 30-min interviews to gather feedback on XOVI, a successful German SEO tool we’re looking to launch in the U.S.
    If you qualify and participate, you’ll receive a $30 Amazon gift card as a thank-you. Please apply here. Thanks for helping shape a better SEO product for agencies!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Resolved How to set SSL to use TLSv1.2 through Let's Encrypt?

C

Cawe COy

New Pleskian
Hello I am a new Plesker :)

I am using Lets Encrypt to generate SSL certificate automatically each 3 month. The current SSL is using TLSv1.0 but I need it to use TLSv1.2.

Additional info:

Code: 
# plesk -v
Product version: 12.5.30 Update #76
    Update date: 2018/05/07 04:11
     Build date: 2016/06/08 10:00
     OS version: CentOS 5.11
       Revision: 344620
   Architecture: 64-bit
Wrapper version: 1.2

I am using Nginx as server.

Also, I've tried to enable only TLSv1.2 in my server, but it's failed:

Code: 
# /usr/local/psa/bin/server_pref -u -ssl-protocols "TLSv1.2"
[2018-09-25 10:05:15] ERR [util_exec] proc_close() failed ['/usr/local/psa/admin/bin/sslmng' '--protocols' 'TLSv1.2'] with exit code [1]
sslmng failed: WARNING:Ignoring unsuppored protocol TLSv1.2
ERROR:No supported protocols supplied

Strange, because it seems that TLSv1.2 is available...

Code: 
# /usr/local/psa/bin/server_pref -s | grep ssl-protocols
ssl-protocols:    TLSv1 TLSv1.1 TLSv1.2

Can anyone help me to get this working?

Thanks in advance!
 
Last edited:
I just solved the problem...

  1. Change manually nginx config to
    Code: 
    ssl_protocols TLSv1.2;
  2. Download (wget) and install (configure, make & make install) curl 7.34 which is compatible with TLSv1.2. Check if version is correct now:
    Code: 
    curl --version
  3. Download (wget) and install (configure, make & make install) openssl 1.0.1 which is compatible with TLSv1.2. Check if version is correct now:
    Code: 
    openssl version
  4. Download (wget) and reinstall (configure, make & make install) php. At the "configure" part, reference the directory where is the just updated curl and openssl through the parameters
    Code: 
    --with-curl=/usr/bin
    and
    Code: 
    --with-openssl-dir=/usr/local/bin
    . Ps: to find the directory where is the openssl and curl installed, just run
    Code: 
    which openssl
    and
    Code: 
    which curl
 
You must log in or register to reply here.

Similar threads

A
Resolved Let's Encrypt certificate with SSL It -> using wrong certificates
Replies
14
Views
3K
lightingman2003
L
S
Issue Let's Encrypt Saving New Certificates under different Name
Replies
2
Views
1K
smpnjn
S
O
Resolved Enabling TLS 1.2 and 1.3 - Not working
Replies
10
Views
7K
learning_curve
learning_curve
M
Issue TLS/SSL configuration - DHE ciphers not working
Replies
5
Views
3K
learning_curve
learning_curve
M
Forwarded to devs SSL It! / Let's Encrypt - Could not obtain directory: Host must be a string
Replies
3
Views
2K
zanuda
zanuda
Back
Top