Score:1

Server

TLS 1.3 not working on nginx 1.21 with openssl 1.1.1n

phonon112358

8/3/23, 6:21 PM

I have nginx (1.21.6) running with openssl 1.1.1n on a Debian 11 server. Although I followed many tutorials and looked at multiple questions in this forum about this topic, I can't get TLS 1.3 working. The output of nginx -V:

nginx version: nginx/1.21.6
built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
built with OpenSSL 1.1.1k  25 Mar 2021 (running with OpenSSL 1.1.1n  15 Mar 2022)
TLS SNI support enable

I upgraded nginx to the mainline version because I wasn't able to get TLS 1.3 working in previous versions, too. It's very strange... Openssl definitely supports TLS 1.3. I tested it via openssl s_client -tls1_3 -connect www.cloudflare.com:443 which worked well. Here my ssl.conf file of nginx which I included in each of my nginx servers (certificates are included separately in the server sections):

ssl_session_timeout 1d;
ssl_session_cache shared:SSL:10m;  # about 40000 sessions
ssl_session_tickets off;

ssl_stapling on;
#ssl_trusted_certificate /pfad/bundle.ca.pem;
ssl_stapling_verify on;

ssl_dhparam /etc/nginx/dhparams.pem;

ssl_ecdh_curve X448:secp521r1:secp384r1;


ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;

# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=31536000;preload;includeSubDomains" always;

The Qualys ssltest of my sites doesn't however show that I use TLS 1.3 on my server. Also, Chrome browser shows that it connects via TLS 1.2. Even if I remove the TLSv1.2 directive from my ssl.conf and leaving only TLSv1.3, it connects still via TLS 1.2.

There is nowhere else a ssl_protocolsdirective in any other configuration file of nginx. I checked that via nginx -T.

I am really running out off ideas..... Can anyone help me?

EDIT: Somehow, nginx doesn't seem to react on the ssl_protocols and the ssl_ecdh_curve directive properly. E.g., when I delete the ssl_ciphers from my configuration (as @drookie suggested in his comment), TLS 1.0 and TLS 1.1 seem to be supported by my server although I set ssl_protocols TLSv1.3 TLSv1.2;. Similarly, according to Qualys ssltest, secp256r1 is supported, although I don't have this curve in my configuration of ssl_ecdh_curve (nor prime256v1). It seems to me as if something overwrites my settings in the ssl.conf file. I am using acme.sh for getting my certificates. grep -R 'ssl_protocol' /etc/* only gives the line in ssl.conf with ssl_protocols TLSv1.3 TLSv1.2;. I have no idea what could cause the interference/overwriting...

261

0 + 0

ssl

nginx

openssl

Steffen Ullrich

8/3/23, 7:07 PM

Have you checked the error log?

Robert Longson

8/3/23, 8:45 PM

What does nginx -t report?

phonon112358

8/3/23, 9:36 PM

@Robert Longson `nginx -t nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful`

phonon112358

8/3/23, 10:01 PM

@Steffen Ullrich: I only see errors coming from the SSLTest from qualys, indicating that some handshakes are not successful: `[crit] 94566#94566: *34 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error) while SSL handshaking, client: 64.41.200.113, server: 0.0.0.0:443`. Even in debug mude, there are no further SSL errors displayed when I access the site.

phonon112358

8/3/23, 10:24 PM

another error coming from Qualys ssltest `[info] 47207#47207: *206 SSL_do_handshake() failed (SSL: error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared cipher) while SSL handshaking, client: 64.41.200.114, server: 0.0.0.0:443`. But I guess that's normal

drookie

8/4/23, 4:39 AM

Revove `ssl_ciphers`, try defaults for starters. You may merely lack the cipher for the TLS 1.3.

phonon112358

8/4/23, 11:40 AM

@drookie Removing `ssl_ciphers`strangely yields the server to accept TLS 1.0 and TLS 1.1, but not TLS 1.3! Very interesting that it seems to ignore the `ssl_protocols`...

Score:1

Server

phonon112358

8/6/23, 12:20 AM

After many further tests and much reading, I finally found a solution. I had to write the ssl configuration in the http block, not in the server blocks of my nginx configuration. This worked, however, only if I copy the directives from my ssl.conf file explicitly to the http block in my nginx.conf (otherwise nginx -t outputs

nginx: [emerg] invalid number of arguments in "include" directive in /etc/nginx/nginx.conf:33
nginx: configuration file /etc/nginx/nginx.conf test failed

for some reason).

Hence, my http block of nginx.conf looks now as follows:

http {

  ...
 
    ssl_dhparam /etc/nginx/dhparams.pem;
    
    ssl_ecdh_curve X448:secp521r1:secp384r1;
    
    ssl_protocols TLSv1.3 TLSv1.2;
   ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';

   ...

    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

I don't know why these ssl settings have to be included/pasted in the http block rather than in each server block..... But it works and TLS 1.3 is enabled!

0 + 0

Han

2/15/23, 3:05 PM

My development environment is similar to yours (nginx 1.21.6 + openssl v1.1.1c + Debian 10) but in my case `ssl_protocols` in server block works normally without issue. did you download the latest commits of nginx v1.21.6 ? I think your nginx has some bugs which has been fixed after the time you downloaded it .

phonon112358

2/16/23, 5:17 PM

@Ham Yes , you're right ! I have just tested it again right now and it works also when `ssl_protocols`is in the `server`blocks. Thanks! Obviously, the bug has been fixed!

radius

4/12/23, 4:40 PM

@phonon112358 I'm having similar problem. Ham says "did you download the latest commits of nginx v1.21.6" I'm not sure to understand,1.21.6 is 1.21.6, commites over 1.21.6 would be a newer version. What have changed in your setup since last year ? Could you send output of nginx -V again ?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: TLS 1.3 not working on nginx 1.21 with openssl 1.1.1n

TH: TLS 1.3 ไม่ทำงานบน nginx 1.21 พร้อม opensl 1.1.1n

RO: TLS 1.3 nu funcționează pe nginx 1.21 cu openssl 1.1.1n

RU: TLS 1.3 не работает на nginx 1.21 с openssl 1.1.1n

VI: TLS 1.3 không hoạt động trên nginx 1.21 với openssl 1.1.1n

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.