trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Force trafficserver to TLSv1.3
Date Thu, 10 Dec 2020 10:44:29 GMT
Hi All,

I am using trafficserver 8.1.1 and OpenSSL 1.1.1f.
My client starts http connection to ATS and then ATS map connection to
origin server over https.


For https I would like to use only TLSv1.3 but I am not able to force
trafficserver to TLSv1.3,
I can always see in catched pcap that ATS starts with TLSv1.2 Client Hello,

CONFIG proxy.config.ssl.TLSv1 INT 0
CONFIG proxy.config.ssl.TLSv1_1 INT 0
CONFIG proxy.config.ssl.TLSv1_2 INT 0
CONFIG proxy.config.ssl.TLSv1_3 INT 1
CONFIG proxy.config.ssl.client.TLSv1 INT 0
CONFIG proxy.config.ssl.client.TLSv1_1 INT 0
CONFIG proxy.config.ssl.client.TLSv1_1 INT 0
CONFIG proxy.config.ssl.client.TLSv1_3 INT 1
CONFIG proxy.config.ssl.client.certification_level INT 1
CONFIG proxy.config.ssl.client.verify.server INT 1
CONFIG proxy.config.ssl.server.TLSv1_3.cipher_suites STRING
CONFIG proxy.config.ssl.client.TLSv1_3.cipher_suites STRING

Could you please help me solve this issue?

Thanks Peter

View raw message