1

I created a content management system (CMS) using Laravel Framework Version 5.4 and our server is running for TLS 1.0, Our checker for security for our website upgrade to TLS 1.2 after they upgrade it, they say that my laravel framework is not now compatible to TLS 1.2.

Question: How to make my laravel code compatible to TLS 1.2

Thanks.

Marian Ravelo
  • 39
  • 1
  • 4

1 Answers1

1

i don't think laravel has to do anything with TLS. It must me your web server (apache or nginx). Configure your webserver to support TLS 1.2

For apache you can look this answer

https://serverfault.com/questions/314858/how-to-enable-tls-1-1-and-1-2-with-openssl-and-apache

For Nginx you can look this

https://askubuntu.com/questions/319192/how-to-enable-tls-1-2-in-nginx

You might be using Guzzle with TSL 1.0, configure it to support 1.2. here is the link

How do we specify TLS/SSL options in Guzzle?

To Support mysql to use TLS 1.2 configure it like this in my.cnf

[mysqld]
tls_version=TLSv1.1,TLSv1.2

For details check here https://dev.mysql.com/doc/refman/5.7/en/encrypted-connection-protocols-ciphers.html

Note: Prior to MySQL 5.7.10, MySQL supports only TLSv1, for both OpenSSL and yaSSL, and no system variable or client option exist for specifying which TLS protocols to permit.

rkj
  • 8,067
  • 2
  • 27
  • 33
  • then your laravel application is secured by TLS 1.2 – rkj Aug 03 '18 at 07:08
  • yah but the problem is there is conflict between SSL and TLS 1.2 what happening is we can't modify the content of website. like database connection ,it's still pointing on the old database. even the connection strings are updated to new one. – Marian Ravelo Aug 03 '18 at 07:14
  • check is your `Guzzle` client using TLS 1.0, if yes then force it to use TLS 1.2. Updated my answer check it. Also check is there any api that using TLS 1.0 and then configure them too to use 1.2 – rkj Aug 03 '18 at 07:16
  • but i don't install any Guzzle client in my application. – Marian Ravelo Aug 03 '18 at 07:22
  • did you check your mysql, does it configure to support TLS 1.2. i think default it support 1.0 – rkj Aug 03 '18 at 07:23
  • @MarianRavelo updated answer with mysql configuration need to support TLS 1.2 – rkj Aug 03 '18 at 07:31