How to Enable TLS 1.2 in mod_ssl and Apache SSL 2.0 and SSL 3.0 having lots of known vulnerabilities like POODLE (CVE-2014-3566), That’s why latest browsers has removed supported to these vulnerable protocols. We also recommend to move your server to use TLS versions and specifically to TLS 1.2. This tutorial will help you to enable TLS 1.2 in mod_ssl and Apache server.
Enable TLS 1.2 Only
Edit Apache ssl configuration file on your server and add following settings. This will disable all older protocols and you Apache server and enable TLSv1.2 only.
SSLProtocol -all +TLSv1.2
Enable TLS 1.1 and 1.2 Both
As per article written here POODLE vulnerability expands beyond SSLv3 to TLS 1.0 and 1.1. So we don’t recommend to use this for production server but if you want to enable this for your development. You can do following configuration.
SSLProtocol -all +TLSv1.1 +TLSv1.2
After making changes in your configuration file, restart Apache service to apply new settings.
Was this Tutorial helpful? Help others share on Facebook, Twitter, and Google Plus!