Question TLS 1.2 ok only if NGINX running

Discussion in 'Plesk 12.x for Linux' started by Pascal_Netenvie, Feb 16, 2017 at 7:10 AM.

  1. Pascal_Netenvie

    Pascal_Netenvie Regular Pleskian

    11
    60%
    Messages:
    100
    Likes Received:
    2
    Trophy Points:
    132
    Location:
    Marseille (France)
    Hello,
    I actually test https on website on a server with Plesk 12.5 and Debian 8.

    If Nginx run i get this :
    Secure Connection
    The connection to this site is encrypted and authenticated using a strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with P-256), and a strong cipher (AES_128_GCM).

    But if it don't run (Apache only) i get this :
    Obsolete Connection Settings
    The connection to this site uses an obsolete protocol (TLS 1.0), a strong key exchange (ECDHE_RSA with P-256), and an obsolete cipher (AES_256_CBC with HMAC-SHA1).

    How to solve that and get TLS1.2 even without NGINX ?

    Regards.
     
  2. IgorG

    IgorG Forums Analyst Plesk Team

    37
     
    Messages:
    22,378
    Likes Received:
    625
    Trophy Points:
    882
    Location:
    Novosibirsk, Russia
    As far as I remember in order to use TLSv1.2 for SSLProtocol, you need at least Apache version 2.2.23 (in addition to OpenSSL 1.0.1 or higher).
    If it is ok, define

    SSLProtocol TLSv1.2

    in Apache ssl.conf.
     

Share This Page

Loading...