Learn about Centmin Mod LEMP Stack today
Register Now

Master Branch re-enable TLS 1.0 protocol by default

Discussion in 'Centmin Mod Github Commits' started by eva2000, Sep 2, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    41,388
    9,297
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,262
    Local Time:
    10:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    re-enable TLS 1.0 protocol by default

    Previous commit set new variable DISABLE_TLSONEZERO_PROTOCOL='y' by default to disable TLS 1.0. While more secure for sites and your visitors, it limits older web browser clients from accessing your HTTPS sites so renable it by default setting DISABLE_TLSONEZERO_PROTOCOL='n'. This allows end users to decide for themselves if they want to disable TLS 1.0 protocol support by setting in persistent config file /etc/centminmod/custom_config.inc the variable DISABLE_TLSONEZERO_PROTOCOL='y' and re-run centmin.sh once and exit to apply the change.

    Continue reading...

    Centmin Mod Github Master branch

    Master branch is where most recent commits are made as at May 24, 2015.
     
    • Agree Agree x 1
  2. dcg

    dcg Member

    53
    18
    8
    Oct 17, 2015
    Florida, USA
    Ratings:
    +34
    Local Time:
    8:58 AM
    1.15.x
    10.2.x
    My site has a number of older users 80s. Some of them are still running XP so TLS 1.0 is a must.
    That is why I like the dual cert setup. Can serve both old systems and new systems.
     
    • Informative Informative x 1
  3. eva2000

    eva2000 Administrator Staff Member

    41,388
    9,297
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,262
    Local Time:
    10:58 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    • Like Like x 1