Skip to main content
OCLC Support

How do I turn off TLS 1.0 and TLS 1.1 protocols in EZproxy

Symptom
  • EZproxy is allowing SSL protocols that you do not want it to allow
Applies to
  • EZproxy version 6.1.13 and newer
Resolution
  1.  Add the OpenSSL command below before the LoginPortSSL directive in the config.txt to only allow TLS 1.2 protocols to be used with EZproxy
  2. SSLOpenSSLConfCmd Protocol TLSv1.2

Additional information

This command SSLOpenSSLConfCmd Protocol  can also be used as a negative(-) to remove specific protocols from being allowed.  SSLOpenSSLConfCmd Protocol -TLSv1 is an example to stop EZproxy from accepting TLS 1 protocols.

Page ID
25818