How do I enable TLSv1.3 in nginx (server is setup using laravel forge)
In /etc/nginx/nginx.conf I have ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; and nginx is restarted
And in the vhost of the website itself I changed ssl_protocols TLSv1.2; to ssl_protocols TLSv1.2 TLSv1.3;
I requested a new LetsEncrypt certificate.
After testing it still not enabled and still uses TLSv1.2 curl -I -v --tlsv1.3 --tls-max 1.3 https://website…
What am I missing, I think I looked at each article on the internet.
nginx version: nginx/1.17.3 openssl version: OpenSSL 1.1.1 11 Sep 2018 (Library: OpenSSL 1.1.1d 10 Sep 2019)
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hello,
You have the correct
ssl_protocols
setting in your configuration file, but you also need to make sure that you are using an OpenSSL version that supports TLSv1.3.You mentioned that you are using OpenSSL 1.1.1d, which does support TLSv1.3. However, you also need to make sure that your Nginx is compiled with this version of OpenSSL.
--with-openssl
flag in the output. If it’s not there or pointing to an older version of OpenSSL, you will need to recompile Nginx with the correct OpenSSL version.