The /usr/local/cpanel/bin/set-tls-settings script configures a server's Secure Socket Layer (SSL) and Transport Layer Security (TLS) cipher suites and protocols for the following services:

For more information about these services, read our Service Manager documentation.

Run the /usr/local/cpanel/bin/set-tls-settings script

To run the /usr/local/cpanel/bin/set-tls-settings script on the command line, use the following format:

/usr/local/cpanel/bin/set-tls-settings [options]


This script accepts the following options:


Configure the SSL/TLS protocols if they do not currently exist on the server.



A standard OpenSSL cipher suite string.

For more information about cipher suites available to OpenSSL, read OpenSSL's Ciphers documentation.



A colon-separated list of SSL/TLS protocols.

This option accepts the following protocols:

  • SSLv2
  • SSLv3
  • TLSv1
  • TLSv1.1
  • TLSv1.2

The service for which to set SSL/TLS protocols.

This option accepts the following services:

  • cpdavd
  • cpsrvd
  • dovecot

  • exim

Pass the --all option to set the SSL/TLS protocols for all of this option's services.

--verboseRun the script in verbose mode.--verbose

Additional documentation