Skip to main content

Posts

Showing posts from 2022

How to secure Zimbra Nginx to use strong encryption ciphers for TLS ?

Transport Layer Security (TLS) encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence.  Further reading: https://www.internetsociety.org/deploy360/tls/basics In this article we will learn how to secure Zimbra Nginx to use only strong encryption ciphers for TLS. Check the following version: root@mail:~# openssl version OpenSSL 1.1.1 11 Sep 2018 zimbra@mail:~$ nginx -v nginx version: nginx/1.20.0 zimbra@mail:~$ zmcontrol -v Release 9.0.0.ZEXTRAS.20220713.UBUNTU18.64 UBUNTU18_64 FOSS edition. How to configure Protocol version TLSv1.3 to existing  zimbraReverseProxySSLProtocols ?  Check existing protocol version and Add TLSv1.3 to existing Case 1: Example ( Add to existing ) $ zmprov gcf zimbraReverseProxySSLProtocols zimbraReverseProxySSLProtocols: TLSv1 TLSv1.1 TLSv1.2 Now add TLSv1.3 to exi