Disable the SSL 3.0 protocol on the server and enable TLS 1.0, 1.1, and 1.2, which addresses the server's Heartbleed vulnerability and upgrades server security.

In the virtual host configuration, add the lines below to the SSL (port 443) virtual host.

SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCertificateFile /path/to/certfiles/cert.crt
SSLCertificateKeyFile /path/to/certfiles/keyfile.key
SSLCertificateChainFile /path/to/certfiles/cert.ca-bundle

SSLProtocol all -SSLv2 -SSLv3

This line disables the SSL 3.0 protocol on the server and enables TLS 1.0, 1.1, and 1.2, which addresses the server's Heartbleed vulnerability.


To generate the certificate.p12 file for Tomcat SSL:

openssl pkcs12 -export -in publicCert.pem -inkey privateKey.pem -out certificate.p12 -certfile bundle.txt

bundle.txt (-certfile)  ----  contains the contents of the cert.ca-bundle file
publicCert.pem  ----  contains the contents of the cert.crt file
privateKey.pem  ----  contains the contents of the certificate key file

For cPanel & WHM

Log in to WHM, open the Apache Configuration screen, and click Include Editor.
Under Pre Main Include, select All Versions. This way your server will stay protected if you change your version of Apache. Once selected, enter the following into the text box for CentOS/RHEL 6.x:
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
For CentOS/RHEL 5.x, enter the following into the text box instead:
SSLHonorCipherOrder On
SSLProtocol -All +TLSv1
…and then click Update. Once you click update, you’ll be prompted to restart Apache; do so at this time.

Check the result at
https://www.digicert.com/help/
and check for the Heartbleed vulnerability.
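
To review a configuration file offline before restarting Apache, the following added example (not part of the original post) evaluates each SSLProtocol line left to right, the way mod_ssl processes +/- tokens, and reports any line that still enables SSLv2 or SSLv3. The function names and the sample config are constructed for illustration, and the expansion of "all" is an assumption, since the real meaning depends on the Apache and OpenSSL versions in use.

```python
import re

# Assumption: "all" is modelled as every protocol named on this page; the real
# expansion depends on the Apache and OpenSSL versions in use.
KNOWN = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
LEGACY = {"SSLv2", "SSLv3"}
_CANON = {p.lower(): p for p in KNOWN}

def effective_protocols(args):
    """Evaluate SSLProtocol arguments left to right (names are case-insensitive)."""
    enabled = set()
    for token in args.split():
        action = token[0] if token[0] in "+-" else ""
        name = (token[1:] if action else token).lower()
        if name == "all":
            chosen = set(KNOWN)
        elif name in _CANON:
            chosen = {_CANON[name]}
        else:
            raise ValueError(f"unknown protocol {token!r}")
        if action == "-":
            enabled -= chosen
        elif action == "+":
            enabled |= chosen
        else:
            enabled = set(chosen)  # a bare token replaces whatever was set before
    return enabled

def audit(config_text):
    """Return (line number, enabled protocols, legacy protocols still on) per SSLProtocol line."""
    findings = []
    for no, line in enumerate(config_text.splitlines(), 1):
        m = re.match(r"\s*SSLProtocol\s+(.+?)\s*$", line, re.IGNORECASE)
        if m:
            on = effective_protocols(m.group(1))
            findings.append((no, sorted(on), sorted(on & LEGACY)))
    return findings

# Constructed sample: the two forms from this page plus one weak line.
SAMPLE = """\
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLProtocol all -SSLv2
"""

if __name__ == "__main__":
    for no, on, legacy in audit(SAMPLE):
        print(f"line {no}: enabled={on} legacy={legacy or 'none'}")
```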
