Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
Apache – Is it possible to use TLSv1.3 in Apache 2.4
apache-httpdssl
apache-httpdssl
Is it possible to use TLSv1.3 in Apache2.4? As of October 2015, TLS 1.3 is a working draft, i.e. TLSv1.3.
Best Answer
June 2019 Update
It's here! Apache 2.4.37 (released 22-October-2018) adds support for OpenSSL 1.1.1 and TLSv1.3 . Make sure you use at least 2.4.39 though due to security issues.
March 2018 Update
TLS 1.3 draft is up to v26. There is general support in the main SSL libraries for varying versions of the Draft. It doesn't look like Chrome and Firefox have shipped it "on" as default yet. Cloudflare have written about some issues with using TLS 1.3 across some TLS 1.2 devices when trials were done.
Dec 2017 Update
The TLS 1.3 Draft is up to v22. Not much change in servers and clients, probably waiting for something closer to the formal release spec.
June 2017 Update
The mod_nss module can be used to enable TLS 1.3 on Apache 2.4
Most SSL implementations have varying features of TLS 1.3 implemented.
Chrome and Firefox have shipped TLS 1.3 behind feature flags.
Feb 2017 Update
There are some TLS 1.3 implementations now the spec is a bit more mature. BoringSSL and OpenSSL are working on 1.3 but it seems to be a WIP. No mod_ssl TLS 1.3 yet.
Original
There doesn't seem to be any OpenSSL implementations of the draft TLS 1.3 specification yet which would be required for modssl to support it. So I'm going to say no.
Neither the OpenSSL or BoringSSL projects mention TLS 1.3 much other than people fixing bugs with forethought of what looks like coming in TLS 1.3. There's only a couple of references to the 1.3 version in the tests for OpenSSL.