10 May
2024
10 May
'24
12:10 p.m.
On 9/5/24 14:29, David Mehler via Blind-sysadmins wrote:
I'm doing some configuration changes on a spare Nginx web server to evaluate them before putting them on the main server. I've got a question on the ssl_protocols configuration option. I'm wanting to support only TLSv1.3 and TLSv1.2 I've seen configurations written in both of the following ways:
ssl_protocols TLSv1.3 TLSv1.2;
or:
ssl_protocols TLSv1.2 TLSv1.3;
I checked my configuration, and I'm using the latter syntax. What I don't know is whether the priority order of the TLS version negotiation is affected. Can you test it? For example, run openssl to create a client connection, and check the output that shows the TLS negotiation.