Hello,
I've noticed that nginx 1.18.0 always enables TLS 1.3 even if not
configured to do so. I've observed this behavior on OpenBSD with (nginx
1.18.0 linked against LibreSSL 3.3.0) and on Ubuntu 20.04 (nginx 1.18.0
linked against OpenSSL 1.1.1f). I don't know which release of nginx
introduced this bug.
From nginx.conf:
ssl_protocols TLSv1.2;
--> in my understanding, this config statement should only enable TLS
1.2 but not TLS 1.3. However, the observed behavior is that TLS 1.3 is
implicitly enabled in addition to TLS 1.2.
Best regards
Andreas
# nginx -V
nginx version: nginx/1.18.0
built with LibreSSL 3.2.2 (running with LibreSSL 3.3.0)
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx