How to disable TLSv1 in Apache 2.4 (Debian 8)?

Question

I have this line in /etc/apache2/mods-enabled/ssl.conf

SSLProtocol -all +TLSv1.2

However SSL checker whynopadlock still shows this:

Any ideas on how to completely disable TLSv1 in Apache 2.4 (Debian 8) ?

score 0 · Answer 1 · answered Aug 26 '18 at 20:47

0

With Apache I always specify them in reverse, i.e. disabling the unwanted protocols. This follows the documentation's examples.

SSLProtocol all -SSLv3 -TLSv1

answered Aug 26 '18 at 20:47

Michael Hampton

Tried it but `whynopadlock` still shows the same warning – IMB Aug 27 '18 at 05:17

1 Answers1