How to enable TLS 1.2 and TLS 1.3 in Linux?

JoshWP Team Posted onJanuary 3, 2023July 11, 2025

Have you been wondering how to enable TLS 1.2 and TLS 1.3 in Linux?

TLS (Transport Layer Security) is a cryptographic protocol that provides secure communication over the internet. It is used to establish secure connections between clients and servers, and it is used to encrypt data transmitted between them. There are several versions of TLS, with TLS 1.0, 1.2, and 1.3 being the most commonly used. In this article, we will show you how to enable TLS 1.2 and 1.3 in Linux.

To disable TLS 1.0 and enable TLS 1.2 and 1.3 in Linux, you will need to edit the configuration files of your web server software. The exact steps will vary depending on the web server software you are using. Here are the steps for some common web servers:

How to enable TLS 1.2 and TLS 1.3 in Apache

Open the Apache configuration file in a text editor. The file is usually located at /etc/apache2/apache2.conf.
Add the following lines to the configuration file:

SSLProtocol all -TLSv1 -TLSv1.1
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

Save the configuration file and restart Apache.

How to enable TLS 1.2 and TLS 1.3 in Nginx

Open the Nginx configuration file in a text editor. The file is usually located at /etc/nginx/nginx.conf.
Add the following lines to the configuration file:

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;

Save the configuration file and restart Nginx.

How to enable TLS 1.2 and TLS 1.3 in Lighttpd

Open the Lighttpd configuration file in a text editor. The file is usually located at /etc/lighttpd/lighttpd.conf.
Add the following lines to the configuration file:

ssl.honor-cipher-order = "enable"
ssl.cipher-list = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECD

Disclosure: We may earn commission for purchases that are made by visitors on this site at no additional cost on your end. All information is for educational purposes and is not intended for financial advice. Read our affiliate disclosure.

JoshWP Team

JoshWP Team comprises of WordPress and Tech experts led by Joshua, dedicated to providing quality tips and hacks on WordPress, Technology, and Finance.

WordPress Tips
How to set up DNS records at Dynadot (MX, TXT, @, A, CNAME)
ByJoshWP Team July 18, 2022July 11, 2025
This is a detailed guide on how to set up DNS records at Dynadot. Sometimes setting up your DNS record can give you a hard time, and if you mess up the records your domain may not function properly causing all kinds of errors on your website. That is why is necessary to know how…
WordPress Tips
How to add H1 tag in Kadence theme
ByJoshWP Team August 5, 2022July 11, 2025
Are using the Kadence theme and are you getting an H1 tag error when you run an SEO analysis on your website? This error simply indicates that you have not added an H1 tag in Kadence theme. In this article, you will learn how to add H1 tag in Kadence theme. Search engines use the…
WordPress Tips
Best places to find excellent Christian writers
ByJoshWP Team January 5, 2023July 11, 2025
Wondering which are the best places to find excellent Christian writers? There are many places to find excellent Christian writers, but three of the best options are Fiverr, Upwork, and KWorks. Each of these platforms has its own unique features and benefits, as well as some drawbacks. Here is a closer look at each of…
WordPress Tips
How to Utilize Geo-Blocking to Control What Your Visitors Access
ByJoshWP Team August 2, 2025August 1, 2025
How to Utilize Geo-Blocking to Control What Your Visitors Access A comprehensive guide to implementing geo-blocking technology, protecting your content, and enhancing user experience based on location Table of Contents 1. Introduction to Geo-Blocking 2. How Geo-Blocking Works 3. Benefits of Implementing Geo-Blocking 4. Implementation Methods 4.1. JavaScript Implementation 4.2. PHP Implementation 4.3. AWS CloudFront…
WordPress Tips
Hreflang Tag SEO: Complete Guide for Multi-Regional & Multilingual Websites
ByJoshWP Team August 4, 2025August 1, 2025
The Complete Hreflang Tag SEO Guide Master Multi-Regional & Multilingual Website Optimization If you’re running a multi-regional or multilingual website, implementing proper Hreflang tag SEO is crucial for international search engine optimization success. This comprehensive guide will walk you through everything you need to know about Hreflang tag SEO for multi-regional websites, from basic implementation…
WordPress Tips
How to redirect to a new domain using Rank Math: Bulk Redirection using rank math
ByJoshWP Team January 18, 2023July 11, 2025
Rank Math SEO plugin makes it super easy to redirect any URL to a URL of your choice. I will explain to you how to redirect to a new domain using Rank Math using simple steps. The same method can be used to perform Bulk Redirection using rank math. There are different types of redirections…

How to enable TLS 1.2 and TLS 1.3 in Apache

How to enable TLS 1.2 and TLS 1.3 in Nginx

How to enable TLS 1.2 and TLS 1.3 in Lighttpd

Similar Posts

Leave a Reply Cancel reply