How to enable TLS 1.2 in apache?

Question

The current enabled TLS on my server is "tls 1", how can i enable tls 1.2 on my ubuntu server, and do i have to upgrade my openssl first?

# apache2ctl -v
Server version: Apache/2.2.12 (Ubuntu)

# openssl version -a
OpenSSL 0.9.8g 19 Oct 2007
built on: Fri Dec  3 23:05:00 UTC 2010
platform: debian-amd64
options:  bn(64,64) md2(int) rc4(ptr,char) des(idx,cisc,16,int) blowfish(ptr2) 
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O3 -Wa,--noexecstack -g -Wall -DMD32_REG_T=int -DMD5_ASM

score 4 · Answer 1 · answered Oct 19 '15 at 20:36

4

In order to use TLSv1.1 and TLSv1.2 for SSLProtocol, you need at least version 2.2.23 (in addition to OpenSSL 1.0.1 or higher).

Once you have the latest,

Add

SSLProtocol TLSv1.1

to

/etc/httpd/conf.d/ssl.conf

answered Oct 19 '15 at 20:36

Won Jun Bae

141
3

score 2 · Answer 2 · answered Jul 04 '15 at 11:24

2

First step is, you will have to upgrade your OpenSSL version to 1.0.1 or higher. Your current OpenSSL version does not support TLS 1.2.

answered Jul 04 '15 at 11:24

Kailash Aghera

121

How to enable TLS 1.2 in apache?

2 Answers2