Is it possible to use TLSv1.3 in Apache 2.4
Clash Royale CLAN TAG#URR8PPP
up vote
12
down vote
favorite
Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
ssl apache-httpd
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
add a comment |Â
up vote
12
down vote
favorite
Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
ssl apache-httpd
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56
add a comment |Â
up vote
12
down vote
favorite
up vote
12
down vote
favorite
Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
ssl apache-httpd
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
ssl apache-httpd
ssl apache-httpd
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
edited Jan 3 '16 at 23:03
Gilles
514k12110201550
514k12110201550
asked Jan 3 '16 at 1:54
Vim
1161113
asked Jan 3 '16 at 1:54
Vim
1161113
asked Jan 3 '16 at 1:54
Vim
1161113
1161113
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56
add a comment |Â
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56
add a comment |Â
2 Answers
2
active
oldest
votes
up vote
12
down vote
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox haven't shipped it on as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.
answered Jan 3 '16 at 3:21
Matt
5,92511625
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
add a comment |Â
up vote
0
down vote
TLS 1.3 is now supported in version 2.4.36 with openssl 1.1.1
https://github.com/apache/httpd/blob/2.4.36/CHANGES
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |Â
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
12
down vote
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox haven't shipped it on as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.
answered Jan 3 '16 at 3:21
Matt
5,92511625
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
add a comment |Â
up vote
12
down vote
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox haven't shipped it on as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.
answered Jan 3 '16 at 3:21
Matt
5,92511625
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
add a comment |Â
up vote
12
down vote
up vote
12
down vote
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox haven't shipped it on as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.
answered Jan 3 '16 at 3:21
Matt
5,92511625
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox haven't shipped it on as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.
answered Jan 3 '16 at 3:21
Matt
5,92511625
edited Mar 30 at 12:28
answered Jan 3 '16 at 3:21
Matt
5,92511625
answered Jan 3 '16 at 3:21
Matt
5,92511625
answered Jan 3 '16 at 3:21
Matt
5,92511625
5,92511625
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
add a comment |Â
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
I have taken Apache 2.4 that come with OpenSSL 1.1.0 and replaced the files with OpenSSL 1.1.1-pre3 (it works) and I have also enabled TLS 1.3 support in Firefox; but I still don't know how to enable TLS 1.3 in Apache. Any help?
– ale5000
Mar 30 at 8:58
1
1
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
pagure.io/mod_nss
– Matt
Mar 30 at 12:28
add a comment |Â
up vote
0
down vote
TLS 1.3 is now supported in version 2.4.36 with openssl 1.1.1
https://github.com/apache/httpd/blob/2.4.36/CHANGES
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |Â
up vote
0
down vote
TLS 1.3 is now supported in version 2.4.36 with openssl 1.1.1
https://github.com/apache/httpd/blob/2.4.36/CHANGES
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |Â
up vote
0
down vote
up vote
0
down vote
TLS 1.3 is now supported in version 2.4.36 with openssl 1.1.1
https://github.com/apache/httpd/blob/2.4.36/CHANGES
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
TLS 1.3 is now supported in version 2.4.36 with openssl 1.1.1
https://github.com/apache/httpd/blob/2.4.36/CHANGES
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 14 mins ago
obencs
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 14 mins ago
obencs
1
answered 14 mins ago
obencs
1
1
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
obencs is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f252949%2fis-it-possible-to-use-tlsv1-3-in-apache-2-4%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
See answer at [stackoverflow.com/questions/50722876/]. This should work.
– Bernd
Jul 13 at 8:56