Hi, I'm wondering where I can find the process to upgrade TLS from 1.1 to 1.3 ? I didn't find anything in aapanel settings/menus.

TLS 1.1 to TLS 1.3

Raffi

I admit I made a mistake in my previous message.
TLS 1.3 is active by default.

I'm looking to disable TLS 1.1 for a site (but doing it by default would be even better).

I thought removing the "TLS 1.1" from domainname.conf would be sufficient

And a stop/restart of NGNIX.

When I check online TLS 1.1 is still enabled.

So I think that changing *.conf files from /www/server/panel/vhost/ngnix is not the right way to do.

Raffi

Hi there, I'm looking for the same thing : disable TLS 1.1 for all my aaPanel websites.
How am I supposed to proceed please ? 🙂

aaPanel_Kern

Raffi
Hello, you can try to delete TLSV1.1 at the "Config" at the site.

Raffi

I'm not the author of the first message, and I don't know where to find the file you suggest.

In the website conf I have already this only (and TLS 1.1 is still active)

aaPanel_Kern

Raffi
Which website do you use to check SSL? I test here

Raffi

I have also tried to set value to
ssl_protocols TLSv1.3; and stp/restarted NGNIX

I'm still getting :

Raffi

There’s no link in your previous message.
I use https://www.ssllabs.com/ssltest

Raffi

I also have checked from my domain conf file here /www/server/panel/vhost/nginx (that's the same)

aaPanel_Kern

Raffi
Hello, use this tool to check.
https://geekflare.com/tools/tls-test

Raffi

aaPanel_Kern

It’s worst than everything in my case ! It’s says all TLS are enabled 🙁

Do you allow me to private message you my domain ?

aaPanel_Kern

Raffi
Try to delete all TLSV1.1 configurations of the site. Restart nginx again, and continue to check after a while
cd /www/server/panel/vhost cp -arpf nginx nginx_bak cd nginx sed -i 's/TLSv1.1//g' *.conf

Raffi

aaPanel_Kern
Great thanks !!!!! it worked as expected !
All my domains are now A+

and on your tool too

aaP_odiditech

aaPanel_Kern
plz i use apache hw do i delete all TLSV1.1 configurations

aaPanel_Kern

Hello, it is recommended to make a backup of the server before operating
apache prohibit-TLSv1.1

cd /www/server/panel/vhost/
cp -arpf apache apache_bak
cd apache
sed -i 's/-TLSv1$/-TLSv1 -TLSv1.1/g' *.conf

aaP_odiditech

informatiq

It seems that with Nginx at least you basically need to disable it for all your websites. It will not work if it is enabled for one and not for rest.