Author Topic: TLSv1.3  (Read 320 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
TLSv1.3
« on: January 09, 2021, 12:39:46 PM »
Does anyone got the TLSv1.3 version on CWP7 with centos 7 working? We dont seem to get it working. I hope someone can help us out as we now only have TLSv1.2. Thanks so much.

Ron Cooper

Offline
*
Re: TLSv1.3
« Reply #1 on: February 11, 2021, 11:57:55 AM »

I have the same problem.
I tried to compile nginx with support for tls1.3 but it doesn't work.
I pay for the pro version but we don't even have an answer on the forum.

Offline
*
Re: TLSv1.3
« Reply #2 on: February 11, 2021, 03:57:44 PM »
here solution:
https://gist.github.com/lesstif/a332456a4a6fecdf50f2ccbfe4a02727


I test with cwp on virtual machine and the nginx of the cwp kept working

Offline
**
Re: TLSv1.3
« Reply #3 on: February 12, 2021, 04:05:15 AM »
Does anyone got the TLSv1.3 version on CWP7 with centos 7 working? We dont seem to get it working. I hope someone can help us out as we now only have TLSv1.2. Thanks so much.

Ron Cooper

I have TLS 1.2 & 1.3 working with CWP on CentOS 8 using Apache. Don't know about Nginx.

Sandeep wrote a nice tutorial at: https://www.mysterydata.com/get-a-score-rating-with-ssllabs-qualys-in-cwp-control-web-panel/

I eddited: /usr/local/apache/conf.d/ssl.conf
with the just following, and then SSLLabs will give you an A+

<IfModule !ssl_module>
LoadModule ssl_module modules/mod_ssl.so
</IfModule>
Listen 443
SSLProtocol -all +TLSv1.2 +TLSv1.3
SSLHonorCipherOrder On
SSLCipherSuite    TLSv1.3    TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
SSLCipherSuite    SSL        ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384
SSLCompression Off
SSLSessionTickets Off