By default, TLS 1.0 and TLS 1.1 are disabled on your server as they are outdated protocols that are no longer considered secure. However, in rare circumstances you may need to enable these on your server.
For example, if your website provides an API to your users and some of your users have old API clients that do not support TLS 1.2+, you may need to enable support for these old TLS protocols.
It is not possible to enable old TLS versions for only a single app on a server. If you need to enable TLS 1.0 or 1.1, you'll need to enable them for all apps.
If enabling TLS 1.0 and 1.1 for an entire server is not an option but you must enable them for a single app, you will need to move that app to its own server.
To enable TLS 1.0 and TLS 1.1 on a server, SSH in to your server as root and run these commands:
echo 'ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;' > /etc/nginx-sp/http.d/enable_insecure_tls_versions.conf echo 'ssl_ciphers HIGH:!aNULL:!MD5;' >> /etc/nginx-sp/http.d/enable_insecure_tls_versions.conf sudo service nginx-sp restart
After following the instructions above, you can verify TLS 1.0 and TLS 1.1 are enabled by using the SSL Server Test from SSL Labs.