Get the most out of your Centmin Mod LEMP stack
Become a Member

OpenSSL OpenSSL 1.1.1 and Chrome 70 with TLS 1.3 RFC support

Discussion in 'CentOS, Redhat & Oracle Linux News' started by buik, Oct 16, 2018.

  1. rdan

    rdan Well-Known Member

    5,446
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    5:09 AM
    Mainline
    10.2
    @Sunka
    Did you include this in your vhost config?

     
  2. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    7:09 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    your /usr/local/nginx/conf/conf.d/phpmyadmin_ssl.conf ssl_ciphers need updating too but also check chrome://flags for TLS 1.3 to see if final needs to be set like on @rdan's virtualbox
     
  3. Sunka

    Sunka Well-Known Member

    1,150
    325
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +525
    Local Time:
    10:09 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    Nop


    Changed chipers for phpmyadmin and also change chrome flag to On

    Working (in firefox still shows tlsv1.2)


    SSL.png
     
  4. rdan

    rdan Well-Known Member

    5,446
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    5:09 AM
    Mainline
    10.2
    That's why :D.
     
  5. rdan

    rdan Well-Known Member

    5,446
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    5:09 AM
    Mainline
    10.2
    I can see your site is fine now.
    Protocol
    TLS 1.3
    Key exchange group
    X25519
    Cipher
    AES_256_GCM
     
  6. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    10:09 PM
  7. rdan

    rdan Well-Known Member

    5,446
    1,408
    113
    May 25, 2014
    Ratings:
    +2,201
    Local Time:
    5:09 AM
    Mainline
    10.2
    Works fine
    upload_2018-10-24_0-51-28.png
     
  8. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    10:09 PM
  9. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    7:09 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    My Samsung S7 finally updated Chrome to 70 as well :D

    andorid8-chrome70-01-tn.jpg andorid8-chrome70-02-tn.jpg
     
  10. Meirami

    Meirami Active Member

    154
    28
    28
    Dec 21, 2017
    Ratings:
    +63
    Local Time:
    11:09 PM
    How can I see detailed connection and certificate information with Android Firefox 63? By touching the lock, I see if connection is secure or not and whose certificate is in use. Nothing more.
    With Crome I can see detailed information.
     
  11. buik

    buik “The best traveler is one without a camera.”

    2,026
    524
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,674
    Local Time:
    10:09 PM
    Chrome 71 stable released.
    Regarding to TLS 1.3; Draft 28 is gone.
    Only Draft 23 and the final spec. are present.
     
  12. eva2000

    eva2000 Administrator Staff Member

    54,647
    12,230
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,799
    Local Time:
    7:09 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    don't think you can

    Thanks for heads up :)