Enabling TLS 1.0 / 1.1 on Debian Testing
mdounin at mdounin.ru
Thu Nov 15 18:25:48 UTC 2018
On Thu, Nov 15, 2018 at 12:17:39PM -0500, kmansoft wrote:
> Cross posting from https://unix.stackexchange.com/questions/481963, this
> seems to be the better place to ask.
> Just updated Debian from "stable" 9.* to "testing" 10.*.
> Have nginx 1.14 - used to come from "stable backports" now included in
> Debian itself.
> Seeing a strange issue with TLS versions in nginx.
> TLS 1.3 is enabled, and 1.2 is too, but I can't seem to get TLS 1.0 / 1.1
> even though they're included in nginx configs.
Upgrade to nginx 1.15.3+, this problem is expected to be addressed by
Alternatively, you can modify (and/or disable via the OPENSSL_CONF
environment variable specifically for nginx) system-wide OpenSSL
configuration file which disables protocols before TLS 1.2.
More information about the nginx