SSLTLS12

The SSLTLS12 option specifies whether to use the Transport Layer Security (TLS) 1.2 or later protocol for Secure Sockets Layer (SSL) sessions.

Syntax

Read syntax diagramSkip visual syntax diagram
>>-SSLTLS12--+-No--+-------------------------------------------><
             '-Yes-'   

Parameters

Yes
Specifies that the server might use the TLS 1.2 or later protocol for SSL sessions. If you specify the SSLTLS12=YES option and do not specify the SSLDISABLELEGACYTLS option, TLS 1.2 might be used.
No
Specifies that the server uses TLS 1.1 or earlier protocol for SSL sessions.
The SSLDISABLELEGACYTLS option overrides the SSLTLS12=NO option and enforces the rejection of SSL connection attempts that use levels earlier than TLS 1.2.
Table 1. TLS versions used by the server for the SSLTLS12 and SSLDISABLELEGACYTLS options
SSLTLS12 SSLDISABLELEGACYTLS TLS version that is used by the server
No* No* ≤ TLS 1.1
No* Yes ≥ TLS 1.2
Yes No* ≤ TLS 1.2
Yes Yes ≥ TLS 1.2
Notes:
  1. An asterisk (*) indicates the default for an option.
  2. ≤ A less than or equal symbol indicates the highest TLS version that is used by the server.
  3. ≥ A greater than or equal symbol indicates the lowest TLS version that is used by the server.

Example

Set TLS 1.2 as the protocol for SSL sessions:

SSLTLS12 yes
Related reference:
SSLDISABLELEGACYTLS
SSLINITTIMEOUT