You must upgrade OpenSSL to the next major version. It is not a straightforward operation. You may need to upgrade your OS and recompile all software.Which steps should I do to enable TLS 1.3 ?
TLS 1.0 and 1.1 can be safely disabled. TLS 1.2 is supported by all modern browsers.And should TLS 1.1 be disabled?
I personaly believe better to wait centos 8.Is there any guide on how to manage this?
I have Centos 7.6.1810 64-bit.
I'm sorry, but nginx-1.17.5.tar.gz doesn't exist on DA's file servers.Hello,
If your OS does not have OpenSSL 1.1.1, probably the best option would be to install Nginx+TLSv1.3 in front of Apache. See for this: https://help.poralix.com/articles/nginx-with-tlsv1.3-on-directadmin-server
[root@node1 custombuild]# ./build_nginx versions Latest stable version of Nginx: 1.16.1 Latest mainline version of Nginx: 1.17.5 (selected) Installed version of Nginx: 1.17.4
Usage: ./build_nginx versions <branch> - to update information of available mainline version ./build_nginx download <branch> - to download the latest available mainline version ./build_nginx install <branch> - to download and install the latest mainline version ./build_nginx cron <branch> - to run with cron (no installation is done here) ./build_nginx set-cron <branch> - to install a cron-task to run 'cron --mainline' nightly