You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Apache Lounge <in...@apachelounge.com> on 2018/07/27 11:29:32 UTC
Win run success tls 1.3 with Chrome
Maybe someone is interested.
With initial testing:
Chrome 68 with tls 1.3 draft 28 (setting in chrome://flags)
OpenSSL version 1.1.1-pre8
httpd-trunk revision 1836684
Chrome Output:
Connection - secure (strong TLS 1.3)
The connection to this site is encrypted and authenticated using TLS
1.3 (a strong protocol),
X25519 (a strong key exchange), and AES_256_GCM (a strong cipher).
httpd config:
SSLHonorCipherOrder On
SSLProtocol -all +TLSv1.3
SSLCompression off
SSLSessionTickets off
(no SSLCipherSuite defined)
Access log :
localhost:443 HTTP/2.0 ::1 - - [27/Jul/2018:12:58:21 +0200] TLSv1.3
TLS_AES_256_GCM_SHA384 "GET /index.html HTTP/2.0" 200 320 "-"
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
like Gecko) Chrome/68.0.3440.75 Safari/537.36"
Sincerely,
AL
Re: Win run success tls 1.3 with Chrome
Posted by Dennis Clarke <dc...@blastwave.org>.
On 07/27/18 07:29, Apache Lounge wrote:
>
> Maybe someone is interested.
>
> With initial testing:
>
> Chrome 68 with tls 1.3 draft 28 (setting in chrome://flags)
> OpenSSL version 1.1.1-pre8
> httpd-trunk revision 1836684
>
> Chrome Output:
> Connection - secure (strong TLS 1.3)
>
> The connection to this site is encrypted and authenticated using TLS 1.3
> (a strong protocol),
> X25519 (a strong key exchange), and AES_256_GCM (a strong cipher).
>
> httpd config:
> SSLHonorCipherOrder On
>
> SSLProtocol -all +TLSv1.3
> SSLCompression off
> SSLSessionTickets off
> (no SSLCipherSuite defined)
>
>
> Access log :
> localhost:443 HTTP/2.0 ::1 - - [27/Jul/2018:12:58:21 +0200] TLSv1.3
> TLS_AES_256_GCM_SHA384 "GET /index.html HTTP/2.0" 200 320 "-"
> "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
> like Gecko) Chrome/68.0.3440.75 Safari/537.36"
>
>
Looks good .. you can also try https://www.tls13.net/
dc