Learn about Centmin Mod LEMP Stack today
Register Now

Featured Nginx Enabling BoringSSL TLS v1.3 with Centmin Mod Nginx HTTP/2 HTTPS Server

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Aug 20, 2018.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    53,608
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    2:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Latest Centmin Mod 123.09beta01's Nginx now supports BoringSSL crypto library along with optional alternatives like LibreSSL and OpenSSL for Nginx HTTP/2 HTTPS usage. To enable BoringSSL TLS v1.3 support with Centmin Mod Nginx HTTP/2 HTTPS server, follow the instructions below.
    If you do not want to use BoringSSL with Nginx for TLS 1.3, the other option is using OpenSSL 1.1.1+ with Nginx for TLS 1.3.

    Enable Nginx BoringSSL TLS 1.3 Support



    Centmin Mod Nginx supports BoringSSL TLS v1.3 RFC 8446 final version, TLS v1.3 draft 23 and draft 28 as at August 30, 2018.

    To enable BoringSSL TLS v1.3 support, you'd want to be on Nginx 1.15.3+ which is only available on Nginx mainlines. Set the persistent config file /etc/centminmod/custom_config.inc set prior to centmin.sh menu option 4 Nginx compiles and when prompted for nginx version. If /etc/centminmod/custom_config.inc doesn't exist, create it first and add the override variable:
    Code (Text):
    BORINGSSL_SWITCH='y'
    

    Then ensure you're on latest Centmin Mod 123.09beta01 build code by running update command before running centmin.sh
    Code (Text):
    cmupdate
    

    Then run centmin.sh menu option 4 Nginx compiles and specify Nginx version equal to/greater than 1.15.3.
    Code (Text):
    --------------------------------------------------------
         Centmin Mod Menu 123.09beta01 centminmod.com
    --------------------------------------------------------
    1).  Centmin Install
    2).  Add Nginx vhost domain
    3).  NSD setup domain name DNS
    4).  Nginx Upgrade / Downgrade
    5).  PHP Upgrade / Downgrade
    6).  XCache Re-install
    7).  APC Cache Re-install
    8).  XCache Install
    9).  APC Cache Install
    10). Memcached Server Re-install
    11). MariaDB MySQL Upgrade & Management
    12). Zend OpCache Install/Re-install
    13). Install/Reinstall Redis PHP Extension
    14). SELinux disable
    15). Install/Reinstall ImagicK PHP Extension
    16). Change SSHD Port Number
    17). Multi-thread compression: pigz,pbzip2,lbzip2...
    18). Suhosin PHP Extension install
    19). Install FFMPEG and FFMPEG PHP Extension
    20). NSD Install/Re-Install
    21). Update - Nginx + PHP-FPM + Siege
    22). Add Wordpress Nginx vhost + Cache Plugin
    23). Update Centmin Mod Code Base
    24). Exit
    --------------------------------------------------------
    Enter option [ 1 - 24 ] 4
    --------------------------------------------------------
    

    Code (Text):
    Do you want to run YUM install checks ?  [y/n]
    
    This will increase your upgrade duration time wise.
    Check the change log centminmod.com/changelog.html
    to see if any Nginx or PHP related new additions
    which require checking YUM prequisites are met.
    If no new additions made, you can skip the
    YUM install check to speed up upgrade time.
    
     [y/n]: n
    

    Code (Text):
    **********************************************************************
    * Nginx Update script - Included in Centmin Extras
    * Version: 123.09beta01.b055 - Date: 31/09/2018 - Copyright 2011-2018 CentminMod.com
    **********************************************************************
    
    This software comes with no warranty of any kind. You are free to use
    it for both personal and commercial use as licensed under the GPL.
    
    Nginx Upgrade - Would you like to continue? [y/n] y
    
    Install which version of Nginx? (version i.e. type 1.15.3): 1.15.3
    

    End result is Nginx 1.15.3 + BoringSSL TLS v1.3 enabled crypto library.
    Note with BoringSSL, OCSP stapling isn't supported so nginx config tests will show
    Code (Text):
    nginx -t
    nginx: [warn] "ssl_stapling" ignored, not supported
    nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
    

    You can ignore that warning, or edit each of your Nginx vhosts and comment out ssl stapling related directives. DO NOT DELETE just comment out with hash # in front. As when you switch back to LibreSSL or OpenSSL based Nginx, you want to re-enable ssl_stapling.

    Verifying Nginx + BoringSSL TLS v1.3 Support



    You can use SSLLabs online tests at https://www.ssllabs.com/ssltest/index.html to verify if Nginx TLS 1.3 support is enabled. Current SSLabs will use TLS 1.3 draft 28 version.

    ssllabs-nginx-boringssl-tls13-01a.png ssllabs-nginx-boringssl-tls13-01b.png

    You can also use testssl to check against your Centmin Mod Nginx HTTP/2 HTTPS TLS 1.3 enabled site as well
    Code (Text):
    
     Testing protocols via sockets except NPN+ALPN
    
     SSLv2      not offered (OK)
     SSLv3      not offered (OK)
     TLS 1      offered
     TLS 1.1    offered
     TLS 1.2    offered (OK)
     TLS 1.3    offered (OK): draft 28, draft 23, final
     NPN/SPDY   not offered
     ALPN/HTTP2 h2, http/1.1 (offered)
    

    Code (Text):
     Testing cipher categories
    
     NULL ciphers (no encryption)                  not offered (OK)
     Anonymous NULL Ciphers (no authentication)    not offered (OK)
     Export ciphers (w/o ADH+NULL)                 not offered (OK)
     LOW: 64 Bit + DES encryption (w/o export)     not offered (OK)
     Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    not offered (OK)
     Triple DES Ciphers (Medium)                   not offered (OK)
     High encryption (AES+Camellia, no AEAD)       offered (OK)
     Strong encryption (AEAD ciphers)              offered (OK)
    

    Code (Text):
     Testing server preferences
    
     Has server cipher order?     yes (OK)
     Negotiated protocol          default proto empty Negotiated cipher            default cipher empty, 253 bit ECDH (X25519)
     Cipher order
        TLSv1:     ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
        TLSv1.1:   ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
        TLSv1.2:   ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA
        TLSv1.3:   TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256
    

    Code (Text):
     Testing ciphers per protocol via OpenSSL plus sockets against the server, ordered by encryption strength
    
    Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
    -----------------------------------------------------------------------------------------------------------------------------
    SSLv2
    SSLv3
    TLS 1
     xc00a   ECDHE-ECDSA-AES256-SHA            ECDH 253   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        
     xc009   ECDHE-ECDSA-AES128-SHA            ECDH 253   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        
    TLS 1.1
     xc00a   ECDHE-ECDSA-AES256-SHA            ECDH 253   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        
     xc009   ECDHE-ECDSA-AES128-SHA            ECDH 253   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        
    TLS 1.2
     xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH 253   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384    
     xc00a   ECDHE-ECDSA-AES256-SHA            ECDH 253   AES         256      TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA        
     xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH 253   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256    
     xc009   ECDHE-ECDSA-AES128-SHA            ECDH 253   AES         128      TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA        
    TLS 1.3
     x1302   TLS_AES_256_GCM_SHA384            ECDH 253   AESGCM      256      TLS_AES_256_GCM_SHA384                      
     x1303   TLS_CHACHA20_POLY1305_SHA256      ECDH 253   ChaCha20    256      TLS_CHACHA20_POLY1305_SHA256                
     x1301   TLS_AES_128_GCM_SHA256            ECDH 253   AESGCM      128      TLS_AES_128_GCM_SHA256
    

    Code (Text):
    
     Running client simulations via sockets
    
     Android 4.2.2                TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     Android 4.4.2                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Android 5.0.0                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Android 6.0                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Android 7.0                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
     Chrome 57 Win 7              TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
     Chrome 65 Win 7              TLSv1.3 TLS_AES_128_GCM_SHA256, 253 bit ECDH (X25519)
     Firefox 53 Win 7             TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
     Firefox 59 Win 7             TLSv1.3 TLS_AES_128_GCM_SHA256, 253 bit ECDH (X25519)
     IE 6 XP                      No connection
     IE 7 Vista                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     IE 8 Win 7                   TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     IE 8 XP                      No connection
     IE 11 Win 7                  TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     IE 11 Win 8.1                TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     IE 11 Win Phone 8.1          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     IE 11 Win 10                 TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Edge 13 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Edge 13 Win Phone 10         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Edge 15 Win 10               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 253 bit ECDH (X25519)
     Opera 17 Win 7               TLSv1.2 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     Safari 9 iOS 9               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Safari 9 OS X 10.11          TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Safari 10 OS X 10.12         TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Apple ATS 9 iOS 9            TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Tor 17.0.9 Win 7             TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     Java 6u45                    No connection
     Java 7u25                    TLSv1.0 ECDHE-ECDSA-AES128-SHA, 256 bit ECDH (P-256)
     Java 8u161                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     Java 9.0.4                   TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     OpenSSL 1.0.1l               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
     OpenSSL 1.0.2e               TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
    


    Testing Nginx Binaries Via tools/nginx-binary-backup.sh



    I wrote a new tools/nginx-binary-backup.sh script which can also backup and restore your Nginx binary/module states so you can more easily switch between them for testing as well. Thus saving you time beyond the initial Nginx compile for each version via centmin.sh menu option 4.

    backup


    Code (Text):
    ./nginx-binary-backup.sh backup
    --------------------------------------------------------
    backup current Nginx binary and dynamic modules
    --------------------------------------------------------
    backup started...
    --------------------------------------------------------
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180824-boringssl-300818-031505
    +-- bin
    |   +-- nginx
    +-- dynamic-modules.conf
    +-- dynamic-modules-includes.conf
    +-- modules
        +-- ndk_http_module.so
        +-- ngx_http_brotli_filter_module.so
        +-- ngx_http_brotli_static_module.so
        +-- ngx_http_echo_module.so
        +-- ngx_http_fancyindex_module.so
        +-- ngx_http_headers_more_filter_module.so
        +-- ngx_http_image_filter_module.so
        +-- ngx_http_set_misc_module.so
        +-- ngx_http_vhost_traffic_status_module.so
        +-- ngx_stream_module.so
    
    2 directories, 13 files
    backup finished...
    --------------------------------------------------------
    backup created at /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180824-boringssl-300818-031505
    --------------------------------------------------------
    


    list backups
    Code (Text):
    ./nginx-binary-backup.sh list                                        
    --------------------------------------------------------
    Listing of available Nginx binary/module backups
    --------------------------------------------------------
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180810-openssl-1.1.0i-170818-184702
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-boringssl-190818-020957
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-openssl-1.1.1-pre9-dev-190818-230737
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-libressl-2.7.4-200818-045747
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-openssl-1.1.0i-200818-062309
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-boringssl-210818-171332
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-openssl-1.1.0i-210818-173357
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180817-openssl-1.1.1-pre9-220818-015919
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180824-boringssl-270818-064439
    /home/backup-nginxbin/1.15.2-gcc-8.2.1-20180824-openssl-1.1.1-pre10-dev-280818-104738
    /home/backup-nginxbin/1.15.3-gcc-8.2.1-20180824-boringssl-300818-031505
    --------------------------------------------------------
    


    Disabling BoringSSL with Centmin Mod Nginx



    If you want to disable BoringSSL and go back to default OpenSSL 1.1 based Centmin Mod Nginx, you can remove the override variable from the persistent config file /etc/centminmod/custom_config.inc prior to centmin.sh menu option 4 Nginx compiles. Remove the following.
    Code (Text):
    BORINGSSL_SWITCH='y'
    

    Then ensure you're on latest Centmin Mod 123.09beta01 build code by running update command before running centmin.sh
    Code (Text):
    cmupdate
    

    Then run centmin.sh menu option 4 Nginx compiles and specify Nginx version equal to/greater than 1.15.3 to recompile Nginx with default OpenSSL 1.1 based crypto library.
     
    Last edited: Aug 30, 2018
  2. eva2000

    eva2000 Administrator Staff Member

    53,608
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    2:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  3. eva2000

    eva2000 Administrator Staff Member

    53,608
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    2:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    Cloudflare And Communication With TLS 1.3 Enabled Origins



    Most folks know Cloudflare supports TLS 1.3 for their front end reverse proxy web server which sits in front of a backend origin like Centmin Mod Nginx. But the question I had was does Cloudflare support TLS 1.3 communication between it's edge servers and origin backend like Centmin Mod Nginx? I asked on Cloudflare support forum and got some good news from Max at Cloudflare at Cloudflare speak TLS 1.3 0-RTT with Origin Backend?

    So Cloudflare can speak TLS 1.3 protocol with origin backends if they support TLS 1.3 draft 22. Unfortunately, BoringSSL based Nginx only supports TLS 1.3 RFC now or on Centmin Mod Nginx built with BoringSSL, TLS 1.3 RFC + TLS 1.3 draft 23/28 due to slight patch hack I did to re-enable the drafts. OpenSSL 1.1.1 dev betas now only support TLS 1.3 RFC. So once Cloudflare updates to support final TLS 1.3 RFC version, then Cloudflare will be able to speak with a TLS 1.3 enabled origin backend server via TLS 1.3 protocol instead of TLS 1.2 - saving folks at least another 1 RTT (Round Trip Time) = even faster page load speeds :cool:
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,608
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    2:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    BoringSSL Equal Preference Cipher Groups



    In order for Nginx HTTPS to work securely, you'd want to configure optimal ssl ciphers in your Nginx HTTPS vhost config file. For Centmin Mod Nginx the default ssl ciphers are made for OpenSSL and LibreSSL and BoringSSL usage and are defined as follows - TLS 1.3 ciphers are dynamically added only if TLS 1.3 OpenSSL crypto library is detected at Nginx compile time. So for TLS 1.3 detected Centmin Mod Nginx created vhost site the ssl_ciphers would be defined as
    Code (Text):
    ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
    

    Now BoringSSL can go one step further and support Equal Preference Cipher Groups
    The equal preference choice that clients/web browsers have is defined in brackets [|]. So you can replace Centmin Mod Nginx default ssl_cphers, with the following
    Code (Text):
    ssl_ciphers '[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES';
    

    And restart Nginx service
    Code (Text):
    ngxrestart
    

    Note, if you switch back to OpenSSL/LibreSSL, you will need to reverse this ssl_ciphers change to previous defaults as OpenSSL and LibreSSL do not support Equal Preference Cipher Groups.

    And here's the differences according to SSLlabs testing

    with Centmin Mod Nginx default ssl_ciphers

    ssllabs-nginx-boringssl-tls13-cmm-ciphers-00.png

    BoringSSL's Equal Preference Cipher Groups based ssl_ciphers

    ssllabs-nginx-boringssl-tls13-cloudflare-ciphers-00.png

    and client negotiated ciphers chosen with Centmin Mod Nginx default ssl_ciphers

    ssllabs-nginx-boringssl-tls13-cmm-ciphers-01.png

    and client negotiated ciphers chosen with BoringSSL's Equal Preference Cipher Groups based ssl_ciphers

    ssllabs-nginx-boringssl-tls13-cloudflare-ciphers-01.png
     
  5. eva2000

    eva2000 Administrator Staff Member

    53,608
    12,139
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,683
    Local Time:
    2:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+

    TLS 1.3 0-RTT Early Data Support with BoringSSL and Nginx 1.15.3+



    Centmin Mod Nginx 1.15.3 + BoringSSL with TLS 1.3 can enable 0-RTT early data via ssl_early_data Nginx directive. Without this directive, you will not be able to do early data resumption (0-RTT). FYI, Nginx planning to add full TLS 1.3 0-RTT support with OpenSSL 1.1.1 after Nginx 1.15.4 is released (Nginx Road Map).

    Testing 0-RTT Early Data resumption from boringssl bssl binary help file
    Code (Text):
    -test-resumption        Connect to the server twice. The first connection is closed once a session is established. The second connection offers it.
    
    -early-data     Enable early data. The argument to this flag is the early data to send or if it starts with '@', the file to read from for early data
    


    look for Early data: yes :)
    Code (Text):
    /opt/boringssl/build/tool/bssl client -connect domain.com:443 -test-resumption -early-data /tmp/https.txt          
    Connecting to IPADDR:443
    Connected.
      Version: TLSv1.3
      Resumed session: no
      Cipher: TLS_AES_128_GCM_SHA256
      ECDHE curve: X25519
      Signature algorithm: ecdsa_secp256r1_sha256
      Secure renegotiation: yes
      Extended master secret: yes
      Next protocol negotiated:
      ALPN protocol:
      OCSP staple: no
      SCT list: no
      Early data: no
      Cert subject: CN = domain.com
      Cert issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    Connecting to IPADDR:443
    Connected.
      Version: TLSv1.3
      Resumed session: yes
      Cipher: TLS_AES_128_GCM_SHA256
      ECDHE curve: X25519
      Signature algorithm: ecdsa_secp256r1_sha256
      Secure renegotiation: no
      Extended master secret: no
      Next protocol negotiated:
      ALPN protocol:
      OCSP staple: no
      SCT list: no
      Early data: yes
      Cert subject: CN = domain.com
      Cert issuer: C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    Error while reading: unknown error type (15)
    

    contents of /tmp/https.txt
    Code (Text):
    GET / HTTP/1.1
    Host: domain.com:443
    


    Note: right now it can be security risk in enabling TLS 1.3 0-RTT with early data directive due to replay attacks as you'd need logic in your web apps to determine what/when to accept such requests. Nginx recommends having the following set
    Code (Text):
    proxy_set_header Early-Data $ssl_early_data;
    

    Cloudflare's implementation of TLS 1.3 0-RTT has such logic baked in so slightly different.
     
    Last edited: Sep 26, 2018
Thread Status:
Not open for further replies.