Hi. From what I have read over the years the order doesn't matter for this directive and it will use the highest SSL protocol version supported by both ends of the connection. I manage the configuration of Nginx on this server via the Certbott module and it has set the directive: ssl_protocols TLSv1.2 TLSv1.3; I get an A+ on Qualys SSL check. Andrew. -----Original Message----- From: David Mehler via Blind-sysadmins <blind-sysadmins@lists.hodgsonfamily.org> Sent: Thursday, May 9, 2024 7:29 PM To: blind-sysadmins@lists.hodgsonfamily.org Cc: David Mehler <dave.mehler@gmail.com> Subject: [Blind-sysadmins] Nginx SSL question Hello, Do we have any advanced admins of the Nginx web server? I'm doing some configuration changes on a spare Nginx web server to evaluate them before putting them on the main server. I've got a question on the ssl_protocols configuration option. I'm wanting to support only TLSv1.3 and TLSv1.2 I've seen configurations written in both of the following ways: ssl_protocols TLSv1.3 TLSv1.2; or: ssl_protocols TLSv1.2 TLSv1.3; Question, which is correct? Thanks. Dave. -- Sent from Mozilla Thunderbird 91.13.1 _______________________________________________ Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org