Question TLS 1.2 ok only if NGINX running

Pascal_Netenvie · Feb 16, 2017

Hello,
I actually test https on website on a server with Plesk 12.5 and Debian 8.

If Nginx run i get this :
Secure Connection
The connection to this site is encrypted and authenticated using a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and a strong cipher (AES_128_GCM).

But if it don't run (Apache only) i get this :
Obsolete Connection Settings
The connection to this site uses an obsolete protocol (TLS 1.0), a strong key exchange (ECDHE_RSA with P-256), and an obsolete cipher (AES_256_CBC with HMAC-SHA1).

How to solve that and get TLS1.2 even without NGINX ?

Regards.

IgorG · Feb 16, 2017

As far as I remember in order to use TLSv1.2 for SSLProtocol, you need at least Apache version 2.2.23 (in addition to OpenSSL 1.0.1 or higher).
If it is ok, define

SSLProtocol TLSv1.2

in Apache ssl.conf.

Pascal_Netenvie · Feb 23, 2017

Hi Igor,

Thanks i will check that.
Where is the file Apache ssl.conf. in a plesk 12+ configuration ?

Cheers.

Linulex · Feb 23, 2017

Plesk doesnt install apache, debian does that. The apache config i probably somewhere in /etc

in centos/rhel it is /etc/httpd

in debian its /etc/apache2 if i am correct.

https://wiki.debian.org/Apache

regards
Jan

Pascal_Netenvie · Mar 1, 2017

Hi,
To answer everyone :

First this server run Apache 2.2.22 so it can't run ok for TLS 1.2 ...
And conf is in /etc/apache2/mods-enabled/ssl.conf

Thx for help guys.
Cheers.

Question TLS 1.2 ok only if NGINX running

Pascal_Netenvie

Regular Pleskian

IgorG

Plesk addicted!

Pascal_Netenvie

Regular Pleskian

Linulex

Silver Pleskian

Pascal_Netenvie

Regular Pleskian

Similar threads