TLS v1.0 & 1.1

radiocooke · February 3, 2026, 7:13pm

Are there plans to, or how do I disable TLS v1.0 and v1.1 on these devices? I specifically have the Comet GL-RM1 now running firmware 1.8.0 release 3.

Thanks,

minmie · February 4, 2026, 1:22am

root@rm10:~# cat /etc/kvmd/nginx/ssl.conf 
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_certificate /etc/kvmd/user/ssl/server.crt;
ssl_certificate_key /etc/kvmd/user/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

remove `TLSv1.1 TLSv1` in this config

radiocooke · February 4, 2026, 2:38am

That worked, thank you!

jeff3820 · February 4, 2026, 11:35pm

Removing TLS 1.0 and 1.1 should be part of the next update