TLS 1.1+ settings


We want to reject TLS 1.0 connections. I can’t find a place where this is set for HTTPD24/nginx. Where can we set the SSLProtocol?


If you are running OnDemand 1.5, check


There’s a section in that file

SSL Protocol support:

List the enable protocol levels with which clients will be able to

connect. Disable SSLv2 access by default:

SSLProtocol all -SSLv2

I think you could add a “-TLSv1”, etc. to that list. See

under SSLProtocol Directive for more info.

I think the file location is the same in older versions, but I don’t remember for sure,