0

When I ran this command in my terminal:

openssl s_client -connect www.domain.com:465 -tls1

and it displayed this output:

SSL-Session:
Protocol : TLSv1
Cipher : ECDHE-RSA-AES256-SHA
Session-ID: B4C5934D812CAE5460DF87317C1AD76EF0998DD7B228EB631477DCB831B8
Session-ID-ctx:
Master-Key: F7D4F5FF850193E9C746AF3B59AE5B06892805AFC6528F82389684989441156D011FFB79D2D6E653C2ED4E568961
Start Time: 1654225000
Timeout : 7200 (sec)
Verify return code: 0 (ok)

Which I believe TLSv1.0 is enabled.

Currently the SSL protocols used by Exim are these:

+no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1

Should I change it to:

+no_sslv2 +no_sslv3 +no_tlsv1_2 +no_tlsv1_3

Or to:

+no_sslv2 +no_sslv3

How do I know the possible values for these protocols on Exim? And is it safe to completely remove the TLS v1.0 and TLS v1.1?

Note that, I'm using WHM version 102.0.18.

Budianto IP
  • 101
  • 2

0 Answers0