Web Analytics

Disable TLS 1.0 and 1.1 in Apache and Nginx

All versions of the SSL/TLS protocol prior to TLS 1.2 are now deprecated and considered insecure. Many web server platforms still have TLS 1.0 and TLS 1.1 enabled by default. However, all modern web browsers are compatible with TLS 1.2. For this reason, it’s a good idea for website owners to check their server configuration to make sure that only current, secure versions of SSL/TLS are enabled and all others (including TLS 1.0, TLS 1.1, and SSL 3.0) are disabled.

This guide includes instructions for checking which versions of SSL/TLS are enabled on a website, disabling obsolete versions of SSL/TLS in Apache and Nginx, and shows examples of browser errors resulting from servers running only deprecated, insecure versions of SSL/TLS.

Check Enabled SSL/TLS Versions

Online Tools

You can quickly check the versions of SSL/TLS your website supports by visiting CDN77’s TLS Checker and entering the domain name you’d like to check. As can be seen below, https://example.com currently disables SSL versions 2 and 3, but enables all versions of TLS (including the deprecated TLS 1.1 and 1.0):

SSL/TLS versions supported by example.com

Nmap

You can also check for the SSL/TLS versions and ciphers supported by a website with the open-source nmap command-line tool:

nmap --script ssl-enum-ciphers -p <PORT> <DOMAIN NAME>

The default port for SSL/TLS is 443. The command below will generate a report for example.com:

$ nmap --script ssl-enum-ciphers -p 443 example.com
Starting Nmap 7.80 ( https://nmap.org ) at 2020-08-25 13:10 EDT
Nmap scan report for example.com (93.184.216.34)
Host is up (0.031s latency).
Other addresses for example.com (not scanned): 2606:2800:220:1:248:1893:25c8:1946

PORT    STATE SERVICE
443/tcp open  https
| ssl-enum-ciphers: 
|   TLSv1.0: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|   TLSv1.1: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|   TLSv1.2: 
|     ciphers: 
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (dh 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_128_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (dh 2048) - A
|       TLS_DHE_RSA_WITH_AES_256_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (dh 2048) - A
|       TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (rsa 2048) - A
|       TLS_DHE_RSA_WITH_SEED_CBC_SHA (dh 2048) - A
|       TLS_RSA_WITH_SEED_CBC_SHA (rsa 2048) - A
|     compressors: 
|       NULL
|     cipher preference: server
|_  least strength: A

Nmap done: 1 IP address (1 host up) scanned in 3.88 seconds

Server Configuration

Apache

To disable TLS 1.0 and 1.1 in Apache, you will need to edit the configuration file containing the SSLProtocol directive for your website. This file may be located in different places depending on your platform, version, or other installation details. Some possible locations are:

  • /usr/local/apache2/conf/extra/httpd-ssl.conf (default Apache installation)
  • /etc/apache2/mods-enabled/ssl.conf (Ubuntu/Debian)
  • /private/etc/apache2/extra/httpd-ssl.conf (macOS)

When you have located the correct configuration file, look for a line beginning with SSLProtocol. This example, from a default macOS Apache installation, disables SSLv3 with the - operator but enables TLS 1.0 and 1.1:

SSLProtocol all -SSLv3

You can disable all obsolete versions of SSL/TLS supported by Apache by specifying them as follows:

SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1

The configuration above enables TLS 1.2, as well as TLS 1.3 if it is available in your environment.

Apache and Virtual Hosts

Apache can run more than one web site on a single server. These virtual hosts may be based on IP number, port, or domain name, and may include settings that override the base configuraton for Apache. For this reason, you should check the settings for each virtual host in your configuration files, especially if your changes to the base SSL/TLS configuration do not seem to be working.

For versions of Apache prior to 2.4.42 (built/linked against OpenSSL before 1.1.1), it was not possible to specify different SSL/TLS protocols for name-based virtual hosts sharing the same base IP number and port – the SSLProtocol of the first virtual host was applied to all others. Beginning with Apache 2.4.42/OpenSSL 1.1.1, the SSLProtocol of each name-based virtual host is honored when the Server Name Indication (SNI) is provided by the client during the SSL/TLS handshake.

Once you have made your configuration changes, reload Apache to put them into effect. For more information on the SSLProtocol directive, please refer to Apache’s documentation.

Nginx

SSL/TLS protocol settings may be specified in the primary Nginx configuration file (usually located at /etc/nginx/nginx.conf), or in your site configuration files. Look for a line beginning with ssl_protocols. For example, the following is from the default nginx.conf file from a fresh Nginx install on Ubuntu:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE

You can edit this line so that only current, secure versions of SSL/TLS are included:

ssl_protocols TLSv1.2 TLSv1.3;

Note that any settings in your default SSL configuration may be overridden by server blocks configuring individual domain names, so be sure to check for those if changes to your protocol settings are not reflected in your website.

Once you have made your configuration changes, reload Nginx to put them into effect. For more information, please refer to Nginx’s documentation on configuring HTTPS servers.

TLS 1.0 and 1.1 Browser Errors

Because TLS versions 1.0 and 1.1 are currently regarded as insecure, most modern browsers will produce an error message if they encounter a website where these obsolete TLS versions are enabled but TLS 1.2 or 1.3 is not. Examples of these errors are shown below:

Google Chrome

Chrome testing was done with Chrome 84 on Windows 10. Screenshots are from Chrome. Note that the current version of Microsoft Edge (based on Chromium) displays the same error code as Chrome, accompanied by a slightly different text.

Google Chrome displays the following error message when it connects to a website running TLS 1.0 or 1.1:

Your connection is not fully secure
This site uses an outdated security configuration, which may expose your information (for example, passwords, messages, or credit cards) when it is sent to this site.
NET::ERR_SSL_OBSOLETE_VERSION

TLS 1.0 error message in ChromeClicking the Advanced button will display the following message, plus a link to proceed to the website, labeled unsafe:

The connection used to load this site used TLS 1.0 or TLS 1.1, which are deprecated and will be disabled in the future. Once disabled, users will be prevented from loading this site. The server should enable TLS 1.2 or later.

Advanced information about TLS 1.0 and 1.1 in Chrome

Mozilla Firefox

Firefox testing was done with Firefox 79.0 on Windows 10.

Mozilla Firefox produces the following error message when it connects to a website running TLS 1.0 or 1.1:

Secure Connection Failed
An error occurred during a connection to [URL]. Peer using unsupported version of security protocol.
Error code: SSL_ERROR_UNSUPPORTED_VERSION

This website might not support the TLS 1.2 protocol, which is the minimum version supported by Firefox. Enabling TLS 1.0 and 1.1 might allow this connection to succeed.
TLS 1.0 and TLS 1.1 will be permanently disabled in a future release.

Firefox TLS 1.0 and 1.1 error message

Clicking the Enable TLS 1.0 and 1.1 button may help load the site, but it is not a one-time exemption. To re-disable TLS 1.0 and 1.1, go to about:config in Firefox and set security.tls.version.enable-deprecated to false.

set security.tls.version.enable-deprecated to false

Apple Safari

Safari testing was done with Safari version 13.1.2 on macOS 10.15.6 (Catalina)

Apple’s Safari browser will load HTTPS websites using TLS 1.0 and 1.1, but will display a “Not Secure” message in the browser’s address bar.

TLS 1.0 site in Apple Safari

For More Information

To read about the security issues associated with earlier versions of TLS, please read our article, Deprecating early TLS for a safer Internet. For more information about the important differences between TLS 1.2 and TLS 1.3, check out TLS 1.3 is here to stay.

And, as always, if you have any questions, please contact us by email at Support@SSL.com, call 1-877-SSL-SECURE, or just click the chat link at the bottom right of this page. You can also find answers to many common support questions in our knowledgebase. Thank you for visiting SSL.com!

Twitter
Facebook
LinkedIn
Reddit
Email

Stay Informed and Secure

SSL.com is a global leader in cybersecurity, PKI and digital certificates. Sign up to receive the latest industry news, tips, and product announcements from SSL.com and stay informed of the latest changes about digital identity and encryption that can impact and enhance your life.

We’d love your feedback

Take our survey and let us know your thoughts on your recent purchase.