Skip to main content
OCLC Support

How do I turn off TLS 1.0 and TLS 1.1 protocols in EZproxy

  • EZproxy is allowing SSL protocols that you do not want it to allow
Applies to
  • EZproxy version 6.1.13 and newer
  1.  Add the OpenSSL command below before the LoginPortSSL directive in the config.txt to only allow TLS 1.2 protocols to be used with EZproxy
  2. SSLOpenSSLConfCmd Protocol TLSv1.2

  3. SSLOpenSSLConfCmd Protocol -TLSv1, -TLSv1.1 can be used if the first version does not work.

Additional information

This command SSLOpenSSLConfCmd Protocol  can also be used as a negative(-) to remove specific protocols from being allowed.  SSLOpenSSLConfCmd Protocol -TLSv1 is an example to stop EZproxy from accepting TLS 1 protocols.

Page ID