Question Need help with TLS

[Naveed A. Khan]

hello, according to ssllabs i have only TLS 1.2 enable on my server/domain

i want to enable TLS 1.1 and TLS 1.0
Any one here to guide me most simplest way to enable TLS 1.0 and TLS 1.1

 

[IgorG]

I hope this thread will help you - https://talk.plesk.com/threads/solv...to-enable-tls-1-0-tls-1-1-and-tls-1-2.337721/

 

[Naveed A. Khan]

well thank you but now i am stuck on:
/usr/local/psa/admin/conf/templates/custom/domain/nginxDomainVirtualHost.php

here is the code i need to edit!!!

<?php if ($OPT['ssl']): ?>
    ssl_ecdh_curve              secp384r1;
    ssl_dhparam                 /etc/ssl/dhparams.pem;
<?php $sslCertificate = $VAR->server->sni && $VAR->domain->physicalHosting->sslCertificate ?
    $VAR->domain->physicalHosting->sslCertificate :
    $OPT['ipAddress']->sslCertificate; ?>
<?php   if ($sslCertificate->ce): ?>
    ssl_certificate             <?php echo $sslCertificate->ceFilePath ?>;
    ssl_certificate_key         <?php echo $sslCertificate->ceFilePath ?>;
<?php       if ($sslCertificate->ca): ?>
    ssl_client_certificate      <?php echo $sslCertificate->caFilePath ?>;
<?php       endif ?>
    ssl_session_timeout                    5m;
    ssl_session_cache           shared:SSL:5m;
    ssl_prefer_server_ciphers              on;
    ssl_protocols               TLSv1 TLSv1.1 TLSv1.2; 
    ssl_ciphers                 EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!SEED:!DSS:!CAMELLIA;
<?php   endif ?>
<?php endif ?>

now the point is do i need to replace any code in nginxDomainVirtualHost.php at line 33 or after line 33 ???

and secondly there is no such file "dhparams.pem" exist in "/etc/ssl/"

 

[Pascal_Netenvie]

If you run on plesk 12.5+ have also a look on this :
http://docs.plesk.com/en-US/12.5/ad...ce/tune-plesk-to-meet-pci-dss-on-linux.65871/

 

[Naveed A. Khan]

now i am getting this: