On October 19, 2021, we have enabled single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
If you had already registered your account at Plesk 360 (formerly known as My Plesk) please use one for login. Otherwise please re-register it using the same email address as your existing Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account.

Articles in this section

See more

How to check what SSL/TLS versions are available for a website on a Plesk server?

Avatar
Ivan Kamnev
Updated
Follow
Plesk for Windows Plesk for Linux kb: how-to ABT: Group A

Applicable to:

  • Plesk for Linux
  • Plesk for Windows

Question

How to check what SSL/TLS versions are available for a website on a Plesk server?

Answer

  1. Open the https://www.cdn77.com/tls-test link.
  2. Enter the domain name, into the search bar and press the Test now button:
    mceclip0.png
  3. In the next page see the Enabled SSL/TLS protocol versions section:
    mceclip1.png

Note: the more online services with SSL/TLS or vulnerability checkers can be found here.

Manually from the side of Linux server
  1. Log into the server via SSH.
  2. Execute the command:

    # nmap --script ssl-enum-ciphers -p 443 example.com | grep -E "TLSv|SSLv"

    Note: replace the example.com with the name of the required domain.

    The output will be as shown below:

    # | SSLv3: No supported ciphers found
      | TLSv1.0:
      | TLSv1.1:
      | TLSv1.2:

Note: in case the nmap utility is not installed on the sever, install it with the command:

    • For RHEL based systems (CentOS/CloudLinux):

      # yum install nmap -y

    • For Debian based systems (Ubuntu/Debian):

      # apt-get install nmap -y

Comments

2 comments

Sort by Date Votes
  • Avatar
    Jack Leonard

    Hi,

    I disabled TLS versions 1.0 and 1.1 and put the SSL settings to modern on my plesk server but cdn77.com tls test shows them still enabled. Also the nmap test shows them.
    I run Plesk Obsidian 18.0.27 Update #1 on Centos 7.

    Output of 

    ]# cat /etc/sw-cp-server/conf.d/ssl.conf
    ssl_protocols TLSv1.2;
    ssl_ciphers EECDH+AESGCM+AES128:EECDH+AESGCM+AES256:EECDH+CHACHA20:EDH+AESGCM+AES128:EDH+AESGCM+AES256:EDH+CHACHA20:EECDH+SHA256+AES128:EECDH+SHA384+AES256:EDH+SHA256+AES128:EDH+SHA256+AES256:EECDH+SHA1+AES128:EECDH+SHA1+AES256:EDH+SHA1+AES128:EDH+SHA1+AES256:EECDH+HIGH:EDH+HIGH:AESGCM+AES128:AESGCM+AES256:CHACHA20:SHA256+AES128:SHA256+AES256:SHA1+AES128:SHA1+AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!aECDH;
    ssl_prefer_server_ciphers on;

     

    What do I miss?

    0
    Comment actions Permalink
  • Avatar
    Ivan Postnikov

    Hello Jack Leonard

    The displayed configuration is for Plesk Panel itself.

    Use this instruction: https://support.plesk.com/hc/en-us/articles/115000422229

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles