[PATCH] New directive to configure TLSv1.3 ciphers
mdounin at mdounin.ru
Fri Nov 16 11:51:53 UTC 2018
On Thu, Nov 15, 2018 at 12:17:15PM -0800, Ramprasad Tamilselvan wrote:
> I have a question regarding the ticket.
> What if different TLSv1.3 ciphers need to be configured in different server blocks?
> In this case, changing openssl.conf will not help right.
Sure, configuring ciphers via openssl.conf is at most workaround,
and does not cover all possible use cases. The best solution
would be to patch OpenSSL to support configuration of TLSv1.3
ciphers via SSL_CTX_set_cipher_list().
More information about the nginx-devel