Description
This directive can be used to control which versions of the SSL/TLS protocol will be accepted in new connections.
The available (case-insensitive) protocols are:
SSLv3 - This is the Secure Sockets Layer (SSL) protocol, version 3.0, from the Netscape Corporation. It is the successor to SSLv2 and the predecessor to TLSv1, but is deprecated in RFC 7568.
TLSv1 - This is the Transport Layer Security (TLS) protocol, version 1.0. It is the successor to SSLv3 and is defined in RFC 2246. It is supported by nearly every client.
TLSv1.1 (when using OpenSSL 1.0.1 and later) - A revision of the TLS 1.0 protocol, as defined in RFC 4346.
TLSv1.2 (when using OpenSSL 1.0.1 and later) - A revision of the TLS 1.1 protocol, as defined in RFC 5246.
all - This is a shortcut for "+SSLv3 +TLSv1" or - when using OpenSSL 1.0.1 and later - "+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2", respectively (except for OpenSSL versions compiled with the "no-ssl3" configuration option, where all does not include +SSLv3).