How do I globally disable tlsv1.0 on my RHEL server?
Issue
- For security purposes, we wish to globally disable the use of TLSv1.0 within our environment. Specifically, it would be for PHP applications. Actually there are two parts: inbound & outbound:
Inbound: Prevent Apache/Nginx/etc. from establishing a TLS v1.0 connection with a remote client.
Outbound: Prevent any php application from establishing a TLS v1.0 connection with any remote server.
That said, its also part of our updated corporate security policy, so I need to know how to disable TLS v1.0 globally (if at all possible).
Environment
- Red Hat Enterprise Linux 7
- PHP
- Apache
- Nginx
- Openssl/TLS
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.