yes ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
So, to use TLSv1.3 we have to do 3 things: recompile nginx if we use older version (1.15.3) or just upgrade nginx to newest version manually update ssl_ciphers to: Code: ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; update the file /usr/local/nginx/conf/ssl_include.conf to manualy add the TLS 1.3 Code: ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; restart nginx after that Do we need anything else to do?
If we are using Cloudflare SSL do we need to add ssl_ciphers line? This is currently the only lines I use for SSL with Cloudflare. Code: ssl_certificate /usr/local/nginx/conf/ssl/cf.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/cf.key; ssl_client_certificate /usr/local/nginx/conf/ssl/cloudflare.crt; ssl_verify_client on; ssl_early_data on; proxy_set_header Early-Data $ssl_early_data;
I'd update the ssl_ciphers line but remove Code (Text): ssl_early_data on; proxy_set_header Early-Data $ssl_early_data; Cloudflare doesn't support using Early Data session resumption (0-RTT) or TLS 1.3 for communication between Cloudflare and Centmin Mod Nginx origin server as CF is using TLS 1.3 draft 22 right now and even if they update to TLS 1.3 rfc final, they have said they won't support 0-RTT for CF to origin communications.
How strange, even to me chrome works with tls1.3 despite not having inserted the new chip suite. I have only updated nginx and openssl 1.1.1
could be related to this nginx bug which i just patched Beta Branch - update inc/nginx_patch.inc for 123.09beta01
Sorry, at what point should the code be inserted to enable "earlydata" in the vhost configuration file? Because although I inserted it immediately after the chipersuite, it does not seem to work. Code (Text): ssl_early_data on; proxy_set_header Early-Data $ssl_early_data; Code (Text): issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 2901 bytes and written 390 bytes Verification error: unable to get local issuer certificate --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 20 (unable to get local issuer certificate) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 Session-ID: AA3B77C9DAA9FE467B48A5D1D94605DD550444230203D78BEB1D520EB6F01B74 Session-ID-ctx: Resumption PSK: 4BE682D92F637270A938D41CE57D24908E57DD2D4D815B234F9F5534F5174F33AE75D4DA9BC16D1A263D88A4DD7F09A2 PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 3600 (seconds) TLS session ticket: 0000 - 75 82 1c 51 93 75 6d 77-d9 44 5e 29 3a fe 96 c5 u..Q.umw.D^):... 0010 - 48 ee 4a 0c 82 86 4f 86-5e 86 1a 72 27 49 ec 8d H.J...O.^..r'I.. 0020 - bf 88 46 d5 bb 72 ec b3-20 5e 4d 3a 12 f8 9e 33 ..F..r.. ^M:...3 0030 - 60 ca ea 35 f1 d2 a7 da-b6 e9 30 90 14 0e d9 34 `..5......0....4 0040 - 2a c3 85 42 d3 b8 3a 56-c0 8d 91 9b 08 d2 3e 51 *..B..:V......>Q 0050 - 89 24 04 2a 34 fd 6c 76-92 ad 3f e1 0a 66 d1 87 .$.*4.lv..?..f.. 0060 - 95 19 64 23 a3 5d d9 82-40 c0 97 20 cd 92 a9 1a ..d#.]..@.. .... 0070 - a4 c0 03 cd 17 b7 32 3c-98 91 ee a4 78 98 f9 cc ......2<....x... 0080 - 24 3e 12 57 fb fb 4d dc-0d cd ea 19 b1 18 fe f3 $>.W..M......... 0090 - 4b 1f 41 5f e7 e5 4d 29-1d f7 bb 77 15 9a 75 6c K.A_..M)...w..ul 00a0 - 5d 43 a3 44 e0 95 d9 5f-c3 c4 42 34 d2 cb 90 10 ]C.D..._..B4.... 00b0 - fe 3a e4 b0 ca ef 72 a0-a7 eb 90 11 57 6f 1a cb .:....r.....Wo.. 00c0 - 60 9e 7c 24 1f a3 97 f2-42 46 6a b2 33 fe 3f 68 `.|$....BFj.3.?h 00d0 - 7b a9 db 40 9e 57 18 07-74 d0 af 58 7a 27 14 a4 {..@.W..t..Xz'.. 00e0 - e7 9b 1b 7d ea 2d 43 6e-90 00 ee d0 1d c5 af 5b ...}.-Cn.......[ Start Time: 1541790636 Timeout : 7200 (sec) Verify return code: 20 (unable to get local issuer certificate) Extended master secret: no Max Early Data: 16384 --- moreover, why does ECDSA no longer work with tls 1.3? Thanks!
TLS 1.3 works with ECDSA or RSA ssl certificates. But it's reported by it's own own ssl cipher see TLS1.3 - OpenSSLWiki (bold part) anywhere in server{} context How did you test as openssl s_client needs to save a previous HTTPS session and have it replayed to test if early data is working and you don't really want to be using it due to security and replay attacks unless your web app knows how to handle it.
TLS 1.3 is in development for the Microsoft Edge browser. The status of TLS 1.3 in Microsoft Edge is In Development - Microsoft Edge Development Modernizing TLS connections in Microsoft Edge and Internet Explorer 11 - Microsoft Edge Dev Blog
I have several alerts of this type.. inside the vhost error log. not many. [QUOTEB] 2018/11/16 12:30:37 4642#4642: *333385 ignoring stale global SSL error (SSL: error:1409E10F:SSL routines:ssl3_write_bytes:bad length) while processing HTTP/2 connection, client: 213.45.x.xxx, server: 0.0.0.0:443 [/QUOTEB]