EdgeServers

Apache TLS hardening in 2026 — ciphers, OCSP stapling, and the cert renewal pipeline

May 15, 2026 · 1 min read · by Sudhanshu K.

Every Apache install we audit has TLS config that someone copy-pasted from a Mozilla guide in 2019. The cipher suites are too long. The protocols still allow TLS 1.0 on an SSLProtocol all -SSLv3 line nobody updated. OCSP stapling is off because it failed once during a firewall change and never got re-enabled. Cert renewal is a Certbot cron that nobody monitors until it stops working.

This is the TLS config we ship on every managed Apache host in 2026.

The vhost SSL block

SSLProtocol             -all +TLSv1.2 +TLSv1.3
SSLHonorCipherOrder     off
SSLSessionTickets       off
# Stapling also needs SSLStaplingCache set once at server level, outside any
# <VirtualHost> (e.g. SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling(32768));
# mod_ssl refuses to start with SSLUseStapling on and no cache configured.
SSLUseStapling          on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
# "SSL" is mod_ssl's token for the TLS 1.2-and-below list; TLS 1.3 suites use a separate "TLSv1.3" list.
SSLCipherSuite SSL ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305

Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

TLS 1.3 needs no SSLCipherSuite entry: its cipher suites are negotiated from a separate list that the TLS 1.2 directive does not touch. The SSLHonorCipherOrder off line is correct in 2026: when every suite you offer is AEAD with forward secrecy, letting the client choose (for example, ChaCha20 on a phone without AES hardware) beats a fixed server order.
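As an added example (not part of the original post or its tooling), a small audit script that flags the exact drift the opening paragraph describes: a legacy SSLProtocol line, stapling left off, session tickets on, non-PFS or non-AEAD TLS 1.2 ciphers, and a missing HSTS header. Both vhost fragments are constructed samples; the directive parsing is deliberately minimal (one directive per line, last occurrence wins).

```python
# Constructed samples: a stale vhost of the kind the post describes, and the 2026 block.
LEGACY_VHOST = """\
SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-SHA:AES256-SHA:ECDHE-RSA-AES256-GCM-SHA384
SSLUseStapling off
"""
HARDENED_VHOST = """\
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLSessionTickets off
SSLUseStapling on
SSLCipherSuite SSL ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
"""
PROTOCOLS = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}

def directives(text):
    """Return {name: [args]}; a repeated directive keeps its last occurrence."""
    out = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            name, _, rest = line.partition(" ")
            out[name] = rest.split()
    return out

def enabled_protocols(args):
    """Apply SSLProtocol tokens left to right: 'all', '+name', '-name', bare 'name'."""
    enabled = set()
    for tok in args:
        sign, name = (tok[0], tok[1:]) if tok[0] in "+-" else ("+", tok)
        names = PROTOCOLS if name.lower() == "all" else {name}
        enabled = enabled - names if sign == "-" else enabled | names
    return enabled

def audit(text):
    """List the problems the post calls out; an empty list means the block passes."""
    d, findings = directives(text), []
    legacy = enabled_protocols(d.get("SSLProtocol", ["all"])) & {"SSLv3", "TLSv1", "TLSv1.1"}
    if legacy:
        findings.append("legacy protocols enabled: " + ", ".join(sorted(legacy)))
    if d.get("SSLUseStapling", ["off"])[0].lower() != "on":
        findings.append("OCSP stapling is off")
    if d.get("SSLSessionTickets", ["on"])[0].lower() != "off":  # Apache default is on
        findings.append("session tickets are on")
    suite = d.get("SSLCipherSuite", [])
    if suite and suite[0] != "TLSv1.3":  # optional 'SSL' token precedes the TLS<=1.2 list
        weak = [c for c in suite[-1].split(":")
                if not c.startswith(("ECDHE-", "DHE-")) or not ("GCM" in c or "CHACHA20" in c)]
        if weak:
            findings.append("non-PFS or non-AEAD TLS 1.2 ciphers: " + ", ".join(weak))
    if "Strict-Transport-Security" not in " ".join(d.get("Header", [])):
        findings.append("no HSTS header")
    return findings
```

Run it over the SSL block of each vhost file before deploy; anything it returns is a regression against the block above.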

The full write-up covers:

  • Why session tickets are disabled (forward secrecy isn't real if you re-use a ticket key for weeks)
  • OCSP stapling — how to keep it from failing silently
  • The certbot deploy hook that reloads Apache after every certbot renew run
  • Cert monitoring: alerting at 30/14/7 days remaining, not at expiry
  • The ssllabs-scan job we run weekly across the fleet
  • HSTS preload — the irreversible decision and how to stage it

We ship this configuration on every managed Apache install.
