Author Topic: CWP support for TLSv1.3  (Read 16400 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Re: CWP support for TLSv1.3
« Reply #15 on: January 14, 2021, 11:23:22 PM »
Hello

I tried almost all of the tutorials to not have TLSv1, have TLSv1.2 or v1.3, have A+ mark and solve the errors and warnings I see in the https://www.ssllabs.com test, but had no success at all, I always get same errors, I do not understand what I should do...

 Here below are the main mangles sotted by the test

1) Server sent invalid HSTS policy. See below for further information.

2) This server supports TLS 1.0 and TLS 1.1. Grade capped to B. MORE INFO

3) This site works only in browsers with SNI support.

I am mostly concerned about the point 1 and 2

Why is the server sending an invalid HSTS policy? How can be fixed?
 I could not find info about this issue

For the second issue I tried to follow the tutorial in this same post, after launching the make -j4 command it fails to compile nginx 1.18.0

I also tried this tutorial: https://www.mysterydata.com/get-a-score-rating-with-ssllabs-qualys-in-cwp-control-web-panel/
did not work either for me

For what is concerning the SNI I think to have understood that cannot be avoided as ols OS browsers, eg XP and such cannot coop with it, so it is not taken in account in the evaluation

Does anyone have hints about how to fix it?

Thank you

Offline
*
Re: CWP support for TLSv1.3
« Reply #16 on: February 11, 2021, 12:01:09 PM »
DNA your explanation about the compilation of nginx and tls 1.3 does not work, I tested it as you explained and simply nginx breaks


please can someone help with cwp-pro centos 7 nginx and tls1.3?
« Last Edit: February 11, 2021, 12:03:41 PM by dinho »


Offline
*
Re: CWP support for TLSv1.3
« Reply #18 on: April 01, 2021, 12:46:01 PM »
Hi,
will this be incorporated in future CWP updates, or this has to be done manually?
Thanks