How to disable TLSv1 in Apache 2.4 (Debian 8)?

IMB asked:

I have this line in /etc/apache2/mods-enabled/ssl.conf

SSLProtocol -all +TLSv1.2

However SSL checker whynopadlock still shows this:

enter image description here

Any ideas on how to completely disable TLSv1 in Apache 2.4 (Debian 8) ?

My answer:


With Apache I always specify them in reverse, i.e. disabling the unwanted protocols. This follows the documentation’s examples.

SSLProtocol all -SSLv3 -TLSv1

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.