Force TLSv1.2 on PMM?


I currently have setup PMM with no issues using the security settings following the below link:

However, as per our audit requirements I need to force TLSv1.2 on this connection for the web server. Just wondering if there is a config option somewhere that i can enable to perform this. I have tried creating the file: /etc/nginx/nginx.conf and forced ssl to ssl_protocols TLSv1.2; with no luck. At the moment, the web server allows TLS1.0, 1.1 and 1.2 but I’d like to restrict it to TLS1.2 only. Any help would be appreciated.



You can edit /etc/nginx/nginx-ssl.conf inside the container and run supervisorctl restart nginx

Awesome that worked! Did not know that the file existed within the container. Thank you so much! :slight_smile: