Skip to content

Remove TLSv1 from used protocols in nginx and Apache2

Christian requested to merge (removed):master into master

Since 30.06.2018 the use of TLSv1 is prohibited if you want to get PCI-DSS certified. So please remove them from the web server templates. Also added the use of TLSv1.3. If libssl1.1 is not installed on the system nginx will just ignore the instruction to use it, so there should be no compatibility issues.

Source: https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls

Merge request reports