How To Enable TLS 1.3/1.2 in Apache

09 Sep

How To Enable TLS 1.3/1.2 in Apache

Enable TLS 1.2 only in Apache

Edit the virtual host section for your domain in the Apache SSL configuration file on your server and add set the SSLProtocol as follows.
This will disable all older protocols and your Apache server and enable only TLSv1.2

SSLProtocol -all +TLSv1.2

Sample Apache virtual host with SSL :

<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLProtocol -all +TLSv1.2
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>

Enable TLS 1.3 & 1.2 Both in Apache

Apache version 2.4.38 or higher versions support TLS v1.3.

Check Apache version

# apache2 -v
Server version: Apache/2.4.29 (Ubuntu)
Server built: 2020-08-12T21:33:25

SSLProtocol -all +TLSv1.2 +TLSv1.3

Sample Apache virtual host with SSL :

<VirtualHost *:443>
    ServerName www.example.com
    DocumentRoot /var/www/html

    SSLEngine on
    SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCertificateFile /etc/letsencrypt/live/example.com/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem
</VirtualHost>

Restart the Apache service to apply new settings.

How to install Redis on Ubuntu 18.04 & 16.04 LTS

Lets Encrypt Certs on Multiple Apache Virtual Hosts- Ubuntu

â€ character HTML code (WordPress)