Please enable JavaScript. Many features of this site will not work with JavaScript disabled including comment submissions, contact forms, and login forms.

Can’t Disable Old Versions of SSL/TLS in Apache

Updated

|

By

So you changed your SSLProtocol directive to disable outdated SSL/TLS versions in Apache, but testing tools are still showing the old protocols enabled. I ran into this problem while upgrading a server recently.

It could be as simple as an unedited SSLProtocol entry. Use grep to see if you missed one. In my case, the problem was in the Let’s Encrypt configuration file /etc/letsencrypt/options-ssl-apache.conf.

Response

  1. Mark

    Thanks for your blog, nice to read. Do not stop.

Leave a Reply

Your email address will not be published. Required fields are marked *