Toggle navigation

ssl_min_protocol_version

Type: enum
Default: TLSv1.2
Context: sighup
Restart: false
Values: [TLSv1, TLSv1.1, TLSv1.2, TLSv1.3]
Since: 12

Sets the minimum SSL/TLS protocol version to use. Valid values are currently: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Older versions of the OpenSSL library do not support all values; an error will be raised if an unsupported setting is chosen. Protocol versions before TLS 1.0, namely SSL version 2 and 3, are always disabled.

The default is TLSv1.2, which satisfies industry best practices as of this writing.

Comments