February 08, 2022 06:15AM
ssl_protocols TLSv1.2 TLSv1.3;

server {
listen 443 ssl default_server;
ssl_reject_handshake on;
}

This does not allow ANY other server to be reached with TLSv1.3

server {
listen 443 ssl default_server;
ssl_certificate ssl/cert.pem;
return 444;
}

This allow ANY server to be reached with TLSv1.2 or TLSV1.3 (as configured).

See https://stackoverflow.com/questions/71023951/ssl-alert-number-70-with-tlsv1-3/71032567#71032567
Subject Author Posted

ssl_reject_handshake disallow TLSv1.3

rjvbzeoibvpzie February 08, 2022 06:15AM

Re: ssl_reject_handshake disallow TLSv1.3

Sergey Kandaurov February 08, 2022 08:04AM

Re: ssl_reject_handshake disallow TLSv1.3

rjvbzeoibvpzie February 08, 2022 03:55PM

Re: ssl_reject_handshake disallow TLSv1.3

noloader February 08, 2022 09:46PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 131
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready