4.48 HTTPS TLS and LISTSERV
We've been told we have to disable old, insecure cryptography protocols on our web server, including all versions of SSL, and TLS 1.0 and 1.1.
Will this have any affect on LISTSERV, the LISTSERV web interface, or LISTSERV Maestro?
Short answer: No.
Longer answer: LISTSERV and Maestro do not use your web server's cryptography protocols. They are used by the web server itself (and in the case of LISTSERV Maestro, by the Tomcat web server supplied with it).
However, the deprecated protocols have been effectively blocked in all modern web browsers since March of 2020 (with one exception, Internet Explorer, which Microsoft said would have had TLS 1.0 and 1.1 disabled by default by the end of June, 2020). So even if your web server offers the older protocols, it's unlikely anyone will be using them.
That being said, they should be disabled, according to most Internet experts, and disabling them WILL NOT affect LISTSERV or other L-Soft products. For instructions on how to do this, please refer to your web server's documentation.
A very good test suite to determine how secure your web server is can be found at Qualys SSL Labs.