Skip to main content

Enforce TLS SSL Hardening

Overview

This script is designed to disable SSL 3.0, TLS 1.0, and TLS 1.1 at both server and client levels. Additionally, it disables below Cipher Suites:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

NOTE: A system reboot is required for all changes to take full effect.

Sample Run

Play Button > Run Automation > Script

SampleRun1

Automation Setup/Import

Automation Configuration

Output

Activity Details

Changelog

2026-04-10

Initial version of the document.

Overview
Sample Run
Automation Setup/Import
Output
Changelog
- 2026-04-10