Apache – How to enable TLSv1.3 in Apache2

apache-httpdssl

I am running Apache2 version:

Server version: Apache/2.4.29 (Ubuntu)
Server built:   2018-04-25T11:38:24

I would like to enable TLSv1.3 but I get an error below in Apache2 if I put SSLProtocol TLSv1.2 TLSv1.3 in the ssl.conf file:

# apachectl configtest

AH00526: Syntax error on line 79 of /etc/apache2/mods-enabled/ssl.conf:
SSLProtocol: Illegal protocol 'TLSv1.3'
Action 'configtest' failed.
The Apache error log may have more information.

Is it not possible to enable TLSv1.3 in Apache2 (yet)?

I know Nginx can do it, but this question aims at Apache2.

Best Answer

TLSv1.3 is not yet supported by Apache 2.4.

When it is supported by OpenSSL (see info here), Apache 2.4 should have it too.

Related Solutions

Apache2 SSLEngine – Fixing Invalid Command ‘SSLEngine’ Error

Probably you do not load the ssl module. You should have a LoadModule directive somewhere in your apache configuration files.

Something like:

LoadModule ssl_module /usr/lib64/apache2-prefork/mod_ssl.so

Usually apache configuration template has (on any distribution) a file called (something like) loadmodule.conf in which you should find a LoadModule directive for each module you load into apache at server start.

Apache – Is it possible to use TLSv1.3 in Apache 2.4

June 2019 Update

It's here! Apache 2.4.37 (released 22-October-2018) adds support for OpenSSL 1.1.1 and TLSv1.3 . Make sure you use at least 2.4.39 though due to security issues.

March 2018 Update

TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox have shipped it "on" as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.

Dec 2017 Update

The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.

June 2017 Update

The mod_nss module can be used to enable TLS 1.3 on Apache 2.4

Most SSL implementations have varying features of TLS 1.3 implemented.

Chrome and Firefox have shipped TLS 1.3 behind feature flags.

Feb 2017 Update

There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.

Original

There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.

Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.