OpenSSL 1.1.1 is now available on Ubuntu 18.04 LTS with the release of 18.04.3. This port of OpenSSL 1.1.1 makes it possible to run TLS 1.3 on your Ubuntu 18.04 LTS NGINX-powered webserver. To add TLS 1.3 support to your existing NGINX installation, first upgrade your Ubuntu 18.04 LTS server to 18.04.3, then find the ssl_protocols directive in your NGINX configuration and add TLSv1.3 at the end:

ssl_protocols TLSv1.2 TLSv1.3;

Restart NGINX with systemctl restart nginx.
It really is as simple as that! If your browser supports TLS 1.3 (and all major browsers do as of November 2019, with the notable exception of Microsoft Edge) it will negotiate it. As of this writing (November 2019), you would not want to disable TLSv1.2: odds are you will break tools such as cURL and other HTTPS agents accessing your site. Here’s an example of what that looks like for curl on macOS 10.14.6 (Mojave):

curl: (35) A bad protocol version was encountered

In other words, the stock macOS 10.14.6 curl cannot establish a connection with a webserver running only TLS 1.3.
Enabling 0-RTT
There are a lot of compelling features in TLS 1.3, one of them being 0-RTT, which speeds up connection establishment to the webserver. NGINX enables TLS 1.3 0-RTT if the configuration parameter ssl_early_data is set to on. If you are using the stock NGINX provided by Ubuntu 18.04 LTS, 0-RTT is not supported. Let’s upgrade to the version provided by the NGINX PPA and enable it.

# sudo add-apt-repository ppa:nginx/stable
# sudo apt-get update
# sudo apt-get upgrade
Go back to your NGINX configuration and place the ssl_early_data directive near all of the other ssl_ directives, like this:

# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
ssl_early_data on;
Now, all that being said, 0-RTT is not something you will want to enable without careful consideration. The “early” in SSL early data comes from the idea that a client that already holds a pre-shared key can reuse that key to send data early. This is a great post outlining the benefits, and risks, of enabling 0-RTT.
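As an added check that is not part of the original post, the following Python script parses the ssl_protocols and ssl_early_data directives from an NGINX configuration fragment and flags the two points made above: dropping TLSv1.2 (which breaks older clients such as the stock macOS curl) and enabling 0-RTT. The sample configuration strings are constructed for this example.

```python
import re

# Constructed sample configs (not taken from a real server). POST_CONF mirrors the
# "SSL Settings" block shown in this post; TLS13_ONLY_CONF is the mistake the post
# warns about, with TLSv1.2 removed.
POST_CONF = """
# SSL Settings
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_prefer_server_ciphers off;
ssl_early_data on;
"""
TLS13_ONLY_CONF = """
ssl_protocols TLSv1.3;   # stock macOS 10.14.6 curl: "A bad protocol version was encountered"
ssl_early_data off;
"""

DIRECTIVE_RE = re.compile(r"^(ssl_\w+)\s+(.*?)\s*;$")


def parse_ssl_directives(conf: str) -> dict:
    """Map each ssl_* directive to its argument list, ignoring '#' comments."""
    directives = {}
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        m = DIRECTIVE_RE.match(line)
        if m:
            directives[m.group(1)] = m.group(2).split()
    return directives


def check_tls_config(conf: str) -> list:
    """Return findings for the protocol and 0-RTT points made in the post."""
    d = parse_ssl_directives(conf)
    protos = d.get("ssl_protocols", [])
    findings = []
    if "TLSv1.3" not in protos:
        findings.append("TLSv1.3 not enabled (needs OpenSSL 1.1.1, i.e. Ubuntu 18.04.3 or later)")
    if "TLSv1.2" not in protos:
        findings.append("TLSv1.2 disabled: older clients such as stock macOS 10.14.6 curl will fail")
    for old in ("SSLv3", "TLSv1", "TLSv1.1"):
        if old in protos:
            findings.append(f"deprecated protocol {old} still allowed")
    if d.get("ssl_early_data") == ["on"]:
        # Early data can be replayed on the wire, hence the post's "careful consideration".
        findings.append("ssl_early_data on: 0-RTT enabled, early data is replayable; review before use")
    return findings


if __name__ == "__main__":
    for name, conf in (("post", POST_CONF), ("tls13-only", TLS13_ONLY_CONF)):
        print(name, check_tls_config(conf) or ["OK"])
```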
Hi,
last week I made the point 2 upgrade of Ubuntu 18.04 LTS on a server with Plesk 17.8.11.
I was excited about the long-promised upgrade to OpenSSL 1.1.1 with TLS 1.3 support.
But the Ubuntu 18.04 point 2 upgrade didn’t change the OpenSSL 1.1.0g version at all.
I read several docs from Canonical and other sources. Is it correct that we have to do it ourselves?
Yes, Ubuntu 18.04.2 does not include the necessary support for TLS1.3 whereas Ubuntu 18.04.3 does. You will want to go ahead and upgrade and, if possible, go to Ubuntu 18.04.4 which is available as of May 2020.
# lsb_release -ds
Ubuntu 18.04.5 LTS
# nginx -v
nginx version: nginx/1.14.0 (Ubuntu)
—
no support for TLS1.3
🙁