Hi,
As per RHEL article, TLS1.3 is support by OpenSSL-1.1.1 in CentOS-8. (https://access.redhat.com/articles/3628041)
I need to support TLS1.3 in CentOS-7. I even tried to compile OpenSSL-1.1.1 against CentOS-7-x86-64, but it is not successful.
Would it be possible to support TLS1.3 in CentOS-7?
Regards,
Arun
TLS1.3 Support
Re: TLS1.3 Support
Only if Red Hat backport openssl 1.1.1 to RHEL 7 which I would suspect is not going to happen.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke
Re: TLS1.3 Support
Actually, there is minor support for TLS 1.3 in 7. NSS as shipped with 7.7+ can do TLS 1.3, but of the programs that use NSS for crypto only firefox, thunderbird, and curl can make use of this. All the others are missing the client-side changes for TLS 1.3. For example, apache has a mod_nss that can be used instead of mod_ssl, but mod_nss in 7 has not been adapted to the new NSS. Things will be similar for programs that use openssl for crypto: it's not enough to just update openssl to a new version.
By the way, the old apache in 7 can be made to do TLS 1.3 with minimal surgery: https://copr.fedorainfracloud.org/coprs/mlampe/mod_nss/
By the way, the old apache in 7 can be made to do TLS 1.3 with minimal surgery: https://copr.fedorainfracloud.org/coprs/mlampe/mod_nss/
-
arun168403
- Posts: 7
- Joined: 2018/07/13 12:12:56
Re: TLS1.3 Support
Thanks for the comments.
Regards,
Arun
Regards,
Arun