Learn how to disable TLS 1.0 AWS Load Balancer. Our AWS Support team is here to help you with your questions and concerns.

How to Disable TLS 1.0 AWS Load Balancer

Transport Layer Security (TLS) helps set secure communication channels between systems. Since 1990, TLS has undergone multiple revisions. However, the original TLS 1.0 version and its successor, TLS 1.1, have vulnerabilities that are major significant security risks.

This is why our experts recommend disabling TLS 1.0 and TLS 1.1 completely and removing them as fallbacks.

Why Disable TLS 1.0?

1. SSL vulnerabilities like POODLE and BEAST, as well as man-in-the-middle attacks in early TLS versions, are common.
2. TLS 1.0 and TLS 1.1 have well-documented vulnerabilities.

How to Disable TLS 1.0 on AWS Application Load Balancer

1. To begin with, log in and go to the EC2 group.
2. Then, click Load Balancers under Load Balancing.
3. Next, locate the HTTPS listener on the Listeners tab at the bottom of the screen. Now click the Change link under the Cipher column.
4. Then, choose a policy that supports TLS 1.1 or higher in the Predefined Security Policies window. We have to make sure that TLS 1.0 and TLS 1.1 options are unchecked.
5. Finally, confirm the new changes by clicking Save.
6. Now, head back to the ALB listener tab and confirm that the new ELB Policy is updated. We can also use online TLS checker tools to make sure that there are no more vulnerabilities.

Let us know in the comments if you run into trouble with any of the above steps.

[Need assistance with a different issue? Our team is available 24/7.]

Conclusion

In brief, our Support Experts demonstrated how to disable TLS 1.0 and strengthen the security of our Load Balancer.