Welcome! Log In Create A New Profile

Advanced

RE: NGINX only enabling TLS1.2 ?

Previous Message Next Message
Forum List Message List New Topic Print View
Reinis Rozitis
April 18, 2018 03:32AM
> 3. Why does the protocol come up (even with the openssl command) as TLS_AES_256_GCM_SHA384 and not the TLS13 variants? ChaCha20-Poly1305 works in TLS1.2 just fine.

You can look at https://github.com/openssl/openssl/pull/5392

The default TLSv1.3 ciphersuites (and the way those are configured (https://github.com/openssl/openssl/commit/f865b08143b453962ad4afccd69e698d13c60f77) ) have been changed to: "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"

Maybe a developer can comment on this as it could be that nginx isn't fully compatible (and works just because the tlsv1.3 ciphers are always enabled) with the latest openssl pre/beta-release...

rr

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Reply Quote
RSS
Subject Author Posted

NGINX only enabling TLS1.2 ?

Tim Smith April 17, 2018 11:20AM

Re: NGINX only enabling TLS1.2 ?

A. Schulze April 17, 2018 11:42AM

RE: NGINX only enabling TLS1.2 ?

Reinis Rozitis April 17, 2018 01:48PM

Re: NGINX only enabling TLS1.2 ?

Eric Germann April 17, 2018 09:02PM

RE: NGINX only enabling TLS1.2 ?

Reinis Rozitis April 18, 2018 03:32AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 172
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready