Welcome! Log In Create A New Profile

Advanced

nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Previous Message Next Message
Forum List Message List New Topic Print View
Anonymous User
November 29, 2020 10:02AM
Hello,

I've noticed that nginx 1.18.0 always enables TLS 1.3 even if not
configured to do so. I've observed this behavior on OpenBSD with (nginx
1.18.0 linked against LibreSSL 3.3.0) and on Ubuntu 20.04 (nginx 1.18.0
linked against OpenSSL 1.1.1f). I don't know which release of nginx
introduced this bug.

From nginx.conf:
ssl_protocols TLSv1.2;
--> in my understanding, this config statement should only enable TLS
1.2 but not TLS 1.3. However, the observed behavior is that TLS 1.3 is
implicitly enabled in addition to TLS 1.2.

Best regards
Andreas

# nginx -V
nginx version: nginx/1.18.0
built with LibreSSL 3.2.2 (running with LibreSSL 3.3.0)
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Anonymous User November 29, 2020 10:02AM

RE: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Thomas Ward November 29, 2020 11:26AM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Andreas Bartelt November 30, 2020 05:54AM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Maxim Dounin November 30, 2020 10:08AM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Andreas Bartelt November 30, 2020 12:42PM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Maxim Dounin November 30, 2020 05:40PM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Andreas Bartelt December 01, 2020 06:12AM

Re: nginx 1.18.0 implicitly enables TLS 1.3 (with only "ssl_protocols TLSv1.2; " in nginx.conf config)

Sergey Kandaurov December 01, 2020 07:42AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 213
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready