Home » Categories » Products » Nagios XI » Troubleshooting » Common Problems

Disabling Outdated Versions of SSL/TLS

How to disable outdated versions of SSL/TLS in Apache

 

In order to provide the most robust security possible, old versions of SSL/TLS should be disabled. Most modern browsers support the newer and more secure versions of SSL/TLS so disabling the less secure and older versions of SSL/TLS should not hinder user experience.

To disable outdated versions of SSL/TLS in Apache:

  1. On your server, edit ssl.conf (usually located in /etc/httpd/conf.d).
  2. Find the line that begins with the following in the file: SSLProtocol all -SSLv2
  3. Comment out the line by adding a # before the line. This will disable TLS 1.0/1.1 and SSL 2.0/3.0.
  4. Add the following line underneath the line you have just commented out: SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
  5. Next, find the line that begins with the following in the file: SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SEED:!IDEA
  6. Comment out the line by adding a # before the line.
  7. Add the following line underneath the line you have just commented out: SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
    • This ensures the use of SSL encryption only with a high degree of protection.
  8. Add the following line underneath the line you just added: SSLHonorCipherOrder on 
    • This ensures that server cipher preferences are used and not the client preferences.
  9. Save and close the file.
  10. Restart the Apache service with the following command: service httpd restart
    • NOTE: This command will differ depending on your OS.

Be sure to test all applications that interact with your server. If you experience any problems, you can remove the comments (#) and added lines to return to the previous version of the file.

 

0 (0)
Article Rating (No Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
Nagios XI - Display All Scheduled Reports
Viewed 1607 times since Wed, Oct 12, 2016
Nagios XI - Error while converting SVG
Viewed 1283 times since Thu, Aug 3, 2017
Nagios XI - MySQL/MariaDB - Max Connections
Viewed 14180 times since Thu, Jun 2, 2016
Nagios XI - Running Out Of Disk Space On The Nagios XI VM
Viewed 6267 times since Tue, Jan 27, 2015
Nagios XI - Notifications Not Sending In XI 5.3.0
Viewed 1619 times since Tue, Oct 4, 2016
Nagios XI - Event Data Is Stale
Viewed 1726 times since Wed, Jan 27, 2016
Nagios XI - Core 4 Load Spikes on 1.75 and 7 Hour Intervals
Viewed 1483 times since Mon, Jan 25, 2016
Nagios XI - Ajaxterm Installation Aborted
Viewed 1395 times since Tue, Jan 26, 2016
Slack Notifications Stopped Working
Viewed 938 times since Wed, Mar 18, 2020
Nagios XI - Apply Configuration Never Completes
Viewed 8472 times since Tue, Jan 27, 2015