Comments on: How to Enable TLS 1.3 in Apache and Nginx https://www.tecmint.com/enable-tls-in-apache-and-nginx/ Tecmint - Linux Howtos, Tutorials, Guides, News, Tips and Tricks. Mon, 11 Oct 2021 18:35:12 +0000 hourly 1 By: Eric Evans https://www.tecmint.com/enable-tls-in-apache-and-nginx/comment-page-1/#comment-1606702 Mon, 11 Oct 2021 18:35:12 +0000 https://www.tecmint.com/?p=33226#comment-1606702 I followed the guide but httpd still says TLSv1.3 is an illegal protocol.

mod_ssl is enabled
ssl.conf Listen 443 httpd

adding ssl throws an error.

[root@webhost ~]# httpd -V
Server version: Apache/2.4.6 (CentOS)
Server built:   Nov 16 2020 16:18:20
Server's Module Magic Number: 20120211:24
Server loaded:  APR 1.4.8, APR-UTIL 1.5.2
Compiled using: APR 1.4.8, APR-UTIL 1.5.2
Architecture:   64-bit
Server MPM:     prefork
  threaded:     no
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="/run/httpd/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

OpenSSL 1.1.1g FIPS  21 Apr 2020

If you need more info let me know, but I think this should be working.

]]> By: Özgür Kazancci https://www.tecmint.com/enable-tls-in-apache-and-nginx/comment-page-1/#comment-1311231 Sat, 11 Jan 2020 14:21:05 +0000 https://www.tecmint.com/?p=33226#comment-1311231 Apache’s configuration in that article is completely messed up.
Apache’s SSL Protocol configuration should be:
SSLProtocol -all +TLSv1.2 +TLSv1.3
instead of
ssl_protocols (<- that's nginx format, not apache)
That's why the guy called "Spelto" has failed there^^.

]]> By: Ravi Saive https://www.tecmint.com/enable-tls-in-apache-and-nginx/comment-page-1/#comment-1284081 Thu, 07 Nov 2019 05:27:02 +0000 https://www.tecmint.com/?p=33226#comment-1284081 In reply to Dip.

@Dip,

TLSv1.3 is supported in Apache2 version 2.4.36 with OpenSSL 1.1.1. I see you have Apache version 2.4.6, please update it.

]]> By: Dip https://www.tecmint.com/enable-tls-in-apache-and-nginx/comment-page-1/#comment-1283792 Wed, 06 Nov 2019 13:56:17 +0000 https://www.tecmint.com/?p=33226#comment-1283792 Hello.

Great instructions.

But we have problems with httpd -t:

syntax error in /etc/httpd/conf.d/Vhosts.conf:
SSLProtocol: Illegal protocol 'TLSv1.3'

Oracle Linux:

Server version: Apache/2.4.6
OpenSSL 1.1.1c  28 May 2019

What could be the problem?

Thanks.

BR

]]> By: Ravi Saive https://www.tecmint.com/enable-tls-in-apache-and-nginx/comment-page-1/#comment-1282439 Mon, 04 Nov 2019 05:19:58 +0000 https://www.tecmint.com/?p=33226#comment-1282439 In reply to Spelto.

@Spelto,

Did you enable the mod_ssl module?

]]>