How do I set the TLS version of my certificate? - SSL Certificates| Alibaba Cloud Documentation Center

Supported TLS versions are TLS 1.1, TLS 1.2, and TLS 1.3. TLS 1.0 is disabled. A later version of TLS provides higher security of communication over HPPTS than an earlier version. However, a later version is less compatible with browsers than an earlier version. You can set the TLS version of the certificate that you install on your web server or Alibaba Cloud service based on your business requirements.

If your certificate is installed on a web server, you can find the ssl_protocols parameter in the certificate configuration file of the web server and modify the setting based on your business requirements. For example, if your certificate supports only TLS 1.1 and TLS 1.2, you can set the ssl_protocols parameter to TLSv1.1 TLSv1.2. If your certificate supports only TLS 1.3, you can append TLSv1.3 to ssl_protocols TLSv1.1 TLSv1.2.

If your certificate is installed on the following Alibaba Cloud services, see the references to set the TLS version of your certificate:

Anti-DDoS Pro and Anti-DDoS Premium: Customize a TLS policy
Web Application Firewall (WAF): Configure custom TLS settings
Server Load Balancer (SLB): Manage TLS security policies
Alibaba Cloud CDN: Configure TLS version control
Dynamic Route for CDN (DCDN): Configure TLS