TLS1.3 ciphersuites configuration way Support

Alex Zhang zchao1995 at gmail.com
Fri Sep 28 08:56:10 UTC 2018


 Hello!

It seems that OpenSSL has changed the way TLSv1.3 cipher suites are
configured.
According to the document
https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_cipher_list.html, the
function SSL_CTX_set_cipher_list isn’t suitable for TLSv1.3, instead,
SSL_CTX_set_ciphersuits should be used. While Nginx’s now still use
SSL_CTX_set_cipher_list
to configure the SSL/TLS ciphers, which leads to the default cipher suits
are used all the time.

Is there any support plan for this?

Best Regards
Alex Zhang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20180928/9c5153cf/attachment.html>


More information about the nginx mailing list