09
Sep
How To Enable TLS 1.3/1.2 in Apache
Enable TLS 1.2 only in Apache
Edit the virtual host section for your domain in the Apache SSL configuration file on your server and set SSLProtocol as follows.
This disables all older protocols on your Apache server and enables only TLSv1.2.
SSLProtocol -all +TLSv1.2
Sample Apache virtual host with SSL:
<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLProtocol -all +TLSv1.2
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
Enable TLS 1.3 & 1.2 Both in Apache
Apache 2.4.38 and later support TLS v1.3.
Check the Apache version:
# apache2 -v
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2020-08-12T21:33:25
SSLProtocol -all +TLSv1.2 +TLSv1.3
Sample Apache virtual host with SSL:
<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html
    SSLEngine on
    SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>
Restart the Apache service to apply new settings.
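To check that no virtual host was missed, the following added example (not part of the original article) scans a configuration for SSLProtocol lines and reports any that still enable a protocol older than TLS 1.2. It is a simplified model that assumes mod_ssl evaluates the arguments left to right starting from an empty set, that a bare protocol name replaces what precedes it, and that "all" covers SSLv3 through TLSv1.3; the sample configuration and the name legacy.example.com are constructed.

```python
import re

# Simplified model of mod_ssl's SSLProtocol parsing (assumptions: "all" covers
# SSLv3 through TLSv1.3, as on a build linked against OpenSSL 1.1.1 or later).
ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
ALLOWED = {"TLSv1.2", "TLSv1.3"}  # the two versions this page enables
CANON = {p.lower(): p for p in ALL}

def effective_protocols(args):
    """Evaluate SSLProtocol arguments left to right, starting from nothing."""
    enabled = set()
    for token in args.split():
        sign = token[0] if token[0] in "+-" else ""
        name = token[len(sign):].lower()
        if name != "all" and name not in CANON:
            raise ValueError(f"unknown protocol token: {token!r}")
        group = set(ALL) if name == "all" else {CANON[name]}
        if sign == "-":
            enabled -= group
        else:  # "+" adds to the set; a bare name replaces what came before
            enabled = enabled | group if sign == "+" else group
    return enabled

def audit(config_text):
    """Return (line_no, enabled, legacy) for each SSLProtocol directive."""
    findings = []
    for no, line in enumerate(config_text.splitlines(), 1):
        m = re.match(r"\s*SSLProtocol\s+(.+?)\s*$", line, re.IGNORECASE)
        if m:  # commented-out directives start with "#" and never match
            enabled = effective_protocols(m.group(1))
            findings.append((no, sorted(enabled), sorted(enabled - ALLOWED)))
    return findings

# Constructed sample: the page's setting plus a second vhost left on a weak one.
SAMPLE = """\
<VirtualHost *:443>
    ServerName www.example.com
    SSLProtocol -all +TLSv1.2 +TLSv1.3
</VirtualHost>
<VirtualHost *:443>
    ServerName legacy.example.com
    SSLProtocol all -SSLv3
</VirtualHost>
"""

if __name__ == "__main__":
    for no, enabled, legacy in audit(SAMPLE):
        print(f"line {no}: enabled={enabled} legacy={legacy or 'none'}")
```

The model does not follow Include directives or settings inherited from the global server configuration, so run it over each file that holds a virtual host.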