Koozali.org: home of the SME Server

SMEserver v9x question (disable TSL 1.0 & 1.1)

Offline edb

  • *
  • 546
  • +0/-0
SMEserver v9x question (disable TSL 1.0 & 1.1)
« on: December 21, 2021, 01:17:16 AM »
Can someone tell me how I can go about disabling TSL 1.0 & 1.1 on my SME 9.2 server?
SSL labs test gives me a B rating due to them being enabled.
Any help appreciated, oh and I can't move to v10 yet for some app comparability issues.
Thanks

-edb
......

Offline idp_qbn

  • ****
  • 346
  • +0/-0
Re: SMEserver v9x question (disable TSL 1.0 & 1.1)
« Reply #1 on: December 21, 2021, 06:32:22 AM »
Do you really mean TSL 1.0 and 1.1 or is it TLS?

See the following : https://www.howtouselinux.com/post/ssl-vs-tls-and-how-to-check-tls-version-in-linux


Note that the article says SSL 1.0, 2.0 and 3.0 have been deprecated and TLS 1.0. and 1.1  have been deprecated.
That means they should not be used because they have exploitable vulnerabilities.

Cheers - and good luck. Move to SME 10 ASAP.

Ian
___________________
Sydney, NSW, Australia

Offline TerryF

  • grumpy old man
  • *
  • 1,821
  • +6/-0
« Last Edit: December 21, 2021, 07:28:21 AM by TerryF »
--
qui scribit bis legit

Offline edb

  • *
  • 546
  • +0/-0
Re: SMEserver v9x question (disable TSL 1.0 & 1.1)
« Reply #3 on: December 21, 2021, 07:55:17 AM »
Thank you to all for your replies.

Much appreciated.

Would anyone know how to correct this error as it is the last one I have to clean up.
Quote
This server does not support Forward Secrecy with the reference browsers. Grade capped to B.
« Last Edit: December 21, 2021, 08:05:43 AM by edb »
......

Offline Jean-Philippe Pialasse

  • *
  • 2,743
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: SMEserver v9x question (disable TSL 1.0 & 1.1)
« Reply #4 on: December 21, 2021, 04:22:20 PM »
yes upgrade to httpd 2.4.x.

in other words : migrate to SME 10 !

does anyone already told you so ;) ?

Offline edb

  • *
  • 546
  • +0/-0
Re: SMEserver v9x question (disable TSL 1.0 & 1.1)
« Reply #5 on: December 21, 2021, 04:30:01 PM »
yes upgrade to httpd 2.4.x.

in other words : migrate to SME 10 !

does anyone already told you so ;) ?

Fair enough. I will just leave it as is then. Thanks again
Hope to migrate sometime soon.
......