Andrew Shay logo
Blog & Digital Garden
Home > Blog > Apache disable TLS_R...

Apache disable TLS_RSA_WITH_3DES_EDE_CBC_SHA after LetsEncrypt

2017-05-09

This guide is for Apache but might be similar for other web servers

If you've just installed Let's Encrypt certificates with Certbot on your web server and ran SSL Server Test, you might have warning saying your server supports TLS_RSA_WITH_3DES_EDE_CBC_SHA.

To drop support for this protocol you must

Also, here is the default conf file https://github.com/certbot/certbot/blob/master/certbot-apache/certbot_apache/options-ssl-apache.conf