Update to TLS 1.3 With Apache

Written by: Robert R. Russell on Monday, August 31, 2020.

I moved this site to TLS 1.3 a few weeks ago. So far, it has been working great if I use a web browser. Unfortunately, no one has updated Curl to work with TLS 1.3. The is a major issue because Curl is the HTTP client library du jour for C or languages that use C’s Foreign Function Interface. Unfortunately, TLS 1.3 only breaks nearly all applications that use a web callback or WordPress’ APIs.

To add TLS 1.2 back as an option

#Add below the SSLCipherSuite for TLSv1.3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384

#Add +TLSv1.2 to the end of the SSLProtocol line
SSLProtocol -all +TLSv1.3 +TLSv1.2

©2020 Robert R. Russell — All rights reserved

Post Schedule Change
Don't Say One Year of Experience Required if You Won't Train