Enforcing TLS 1.2 and TLS 1.3 and Strong Ciphers
Introduction
FileCloud can be configured to use stronger SSL Protocol (TLSv1.2 and 1.3 only) instead of the default protocols. This article shows how to configure FileCloud server and clients to make use of the TLSv1.2 and TLSv1.3 protocols.
Server Configuration
In order to enable TLS 1.2 or TLS 1.3 , please edit the httpd configuration file.
OS Remarks Windows Configuration file is located at XAMPPROOT\apache\conf\extra\httpd-ssl.conf
For example, if you have installed xampp in c:\, then it will be C:\xampp\apache\conf\extra\http-ssl-conf
Ubuntu /etc/apache2/sites-enabled/000-default.conf
If you use a non-default site, please use appropriate configuration file.
Locate the SSLCipherSuite key and change it to
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384- Locate the SSLProtocol key and change it to
SSLProtocol -all +TLSv1.3 +TLSv1.2 - This is the highest level of security possible.