1. Oct 19, 2019 #1
   

   BamaStangGuy Active Member

   669

   192

   43

   May 25, 2014

   Ratings:

   +272

   Local Time:

   7:20 PM

   Is there any downside to only allowing TLSv1.3 in nginx if behind CloudFlare?
   

   ---

    
2. Oct 19, 2019 #2
   

   eva2000 Administrator Staff Member

   58,905

   12,490

   113

   May 24, 2014

   Brisbane, Australia

   Ratings:

   +19,122

   Local Time:

   10:20 AM

   Nginx 1.31.x

   MariaDB 10.x/11.4+/12.3+

   Not all clients support TLSv1.3 so you'd want TLSv1.2 + TLSv1.3 supported

    
3. Oct 19, 2019 #3
   

   BamaStangGuy Active Member

   669

   192

   43

   May 25, 2014

   Ratings:

   +272

   Local Time:

   7:20 PM

   I planned to leave TLSv1.2 as the minimum in CloudFlare settings but shouldn't CloudFlare connect to my server via TLSv1.3 always anyways?

    
4. Oct 19, 2019 #4
   

   eva2000 Administrator Staff Member

   58,905

   12,490

   113

   May 24, 2014

   Brisbane, Australia

   Ratings:

   +19,122

   Local Time:

   10:20 AM

   Nginx 1.31.x

   MariaDB 10.x/11.4+/12.3+

   Yeah with Cloudflare Full or Full Strict SSL enabled (not Flexible SSL), Cloudflare will connect to your Centmin Mod Nginx origin via TLSv1.3 if Centmin Mod Nginx supports it which it does in 123.09beta01 and newer versions at least.

    

• Log in with Facebook

Your name or email address:

Do you already have an account?

• No, create an account now.
• Yes, my password is:
• Forgot your password?
  Lost access to your email account?