Child pages
  • The set-tls-settings Script
For cPanel & WHM version 70

Skip to end of metadata
Go to start of metadata


The /usr/local/cpanel/bin/set-tls-settings script configures a server's Secure Socket Layer (SSL) and Transport Layer Security (TLS) cipher suites and protocols for the following services:

  • Web Disk (cpdavd).
  • The cPanel server (cpsrvd).
  • The Dovecot® mail server (dovecot).
  • Exim configuration settings (exim).

For more information about these services, read our Service Manager documentation.

Run the /usr/local/cpanel/bin/set-tls-settings script

To run the /usr/local/cpanel/bin/set-tls-settings script on the command line, use the following format:

/usr/local/cpanel/bin/set-tls-settings [options]


This script accepts the following options:


Configure the SSL/TLS protocols if they do not currently exist on the server.



A standard OpenSSL cipher suite string.


For more information about cipher suites available to OpenSSL, read OpenSSL's Ciphers documentation.

 Click to view...

A colon-separated list of SSL/TLS protocols.

This option accepts the following protocols:

  • SSLv2
  • SSLv3
  • TLSv1
  • TLSv1.1
  • TLSv1.2

The service for which to set SSL/TLS protocols.

This option accepts the following services:

  • cpdavd
  • cpsrvd
  • dovecot

  • exim


Pass the --all option to set the SSL/TLS protocols for all of this option's services.


Restart the specified services to apply the changes.

If you do not pass this option, the script sets the configuration parameters and rebuilds the configuration files. Changes to the services may not display until after a restart.


  • This option requires you to pass a service option.
  • This option restarts all services when you pass the service option's --all option.
--verboseRun the script in verbose mode.--verbose

Additional documentation