TLS 1.3 makes your web servers more secure with latest security protocols. However, by default, TLS 1.3 is not enabled in Apache & NGINX web servers. Here’s how to enable TLS 1.3 in Apache, NGINX. You can use it to enable TLS 1.3 on Ubuntu, Debian, CentOS, Redhat, and other Linux systems.
How to Enable TLS 1.3 in Apache, NGINX
Here are the steps to enable TLS 1.3 in Apache & NGINX.
How to Enable TLS 1.3 in Apache
Only Apache 2.4.37+ support TLS 1.3. So if you are running an older version of Apache, upgrade it with the following command
Ubuntu/Debian ------------- # apt install apache2 Redhat/Fedora ------------- # yum install httpd
Open Apache virtual host configuration file (or server configuration file) in text editor.
# vi /etc/httpd/conf.d/vhost.conf OR # vi /etc/apache2/apache2.conf
Locate ssl_protocols directive in <VirtualHost *:443> tag
Add TLS v1.3 to it. If ssl_protocols directive is not present, add it.
<VirtualHost *:443> ... ssl_protocols TLSv1.2 TLSv1.3 ... </VirtualHost>
Then restart Apache web server to apply changes
-------------- On Debian/Ubuntu -------------- # apache2 -t # systemctl restart apache2.service -------------- On RHEL/CentOS/Fedora -------------- # httpd -t # systemctl restart httpd.service
How to Enable TLS 1.3 in NGINX
Open NGINX virtual host configuration (or server configuration) file in a text editor.
# vi /etc/nginx/conf.d/example.com.conf
Locate ssl_protocols directive and append TLS v1.3 to it in server block that listens to port 443.
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
...
ssl_protocols TLSv1.2 TLSv1.3;
...
}
Restart NGINX server to apply changes
# nginx -t # systemctl restart nginx.service
Verify TLS 1.3
You can use any of the free online tools like TLS Checker to test if TLS v1.3 is enabled on your web server.
Hopefully now you can easily enable TLS 1.3 in Apache & NGINX web server.
Ubiq makes it easy to visualize data in minutes, and monitor in real-time dashboards. Try it Today!
Sreeram Sreenivasan is the Founder of Ubiq. He has helped many Fortune 500 companies in the areas of BI & software development.