https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34193 Bug ID: 34193 Summary: Default HTTPS template has outdated SSLProtocol value Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: major Priority: P5 - low Component: Architecture, internals, and plumbing Assignee: koha-bugs@lists.koha-community.org Reporter: dcook@prosentient.com.au QA Contact: testopia@bugs.koha-community.org At the moment, debian/templates/apache-site-https.conf.in defaults to SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1 However, TLSv1.2 and TLSv1.3 are the only TLS versions that are supported globally at the moment. Both 1.1 and 1 are deprecated now, and are disabled in most systems. Where possible, you want to be using TLSv1.3, and failing that TLSv1.2. -- You are receiving this mail because: You are watching all bug changes. You are the assignee for the bug.