Welcome to Centmin Mod Community
Become a Member

Beta Branch add SSL_PROTOCOL_MODERN variable in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, May 10, 2020.

  1. eva2000

    eva2000 Administrator Staff Member

    54,564
    12,224
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,793
    Local Time:
    9:49 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    add SSL_PROTOCOL_MODERN variable in 123.09beta01

    By default Nginx supports SSL protocols TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3 (when used with OpenSSL 1.1.1 or BoringSSL). TLSv1.0 and TLSv1.1 will be deprecated by web browsers over the course of this year. So setting SSL_PROTOCOL_MODERN='y' in persistent config file /etc/centminmod/custom_config.inc prior to centmin.sh menu option 4 nginx recompiles/updates and/or running centmin.sh menu option after a cmupdate to pull and sync this commit update with your local Centmin Mod code, will edit /usr/local/nginx/conf/ssl_include.conf include file which is added to every Nginx vhost generated config file and remove TLSv1.0 and TLSv1.1 and leave only TLSv1.2 or TLSv1.2 + TLSv1.3 (when using OpenSSL 1.1.1 or BoringsSSL). Then just manually restart Nginx server for change to take effect :)

    Continue reading...

    123.09beta01 branch