![]() ![]() Very helpful post but which OS and version of OpenSSL are you running? I note you are listing SHA512 ciphers. usr/local/psa/bin/server_pref -u -ssl-ciphers /usr/local/psa/bin/server_pref -s | grep ssl-* usr/local/psa/bin/server_pref -u -ssl-protocols 'TLSv1.2' I miss Strict Transport Security (HSTS) and OCSP Stapling, but the features are quite limited. To enable TLSv1.2 server-wide and activate strong ciphers, I did the following. Product version: Plesk Onyx 17.8.11 Update #35 To list security configuration of all services, run the command: On other operating systems, to implement TLS 1.3 for web, use Apache with nginx as a proxy. Note: TLS 1.3 support for Apache has been added in Apache 2.4.37 and later versions (currently available on Ubuntu 20, Debian 10 and CentOS 8). To enable particular ciphers, use the -ssl-ciphers option and specify required ciphers. # plesk bin server_pref -u -ssl-protocols 'TLSv1.2 TLSv1.3' In this example, we enable TLSv1.2 TLSv1.3 server-wide for all services: Use the plesk bin server_pref utility to manage TLS protocol versions. How to enable/disable TLS protocol versions in Plesk for Linux? Answer
0 Comments
Leave a Reply. |