Resolved TLSv1.3

[Walter]

It doesn't appear as though Plesk formally supports TLSv1.3. Either that or the sslmng command needs to be updated. How would you enable TLSv1.3 for nginx?

user@pleskserver:~# plesk sbin sslmng --custom --protocols="TLSv1.2 TLSv1.3"
WARNING:Ignoring unsuppored protocol TLSv1.3

user@pleskserver:~# plesk -v
Product version: Plesk Onyx 17.5.3 Update #22
    Update date: 2017/09/18 06:25
     Build date: 2017/03/17 16:00

user@pleskserver:~# nginx -v
nginx version: nginx/1.11.10

 

[Walter]

I missed my own version before posting the request. I am using nginx 1.11 and not 1.13

http://nginx.org/en/CHANGES
Changes with nginx 1.13.0 25 Apr 2017
*) Feature: the "TLSv1.3" parameter of the "ssl_protocols" directive.

Still interested in understanding where I can customize the TLS protocols and ciphers...

 

[UFHH01]

Hi Walter,

pls. see my previous answer to this question: => #2

 

[Walter]

I realized my error before your response and altered my question... I posted that I found my issue with the nginx version but am still interested in understanding where one would customize the protocols and ciphers for nginx manually?

 

[UFHH01]

Hi Walter,

where one would customize the protocols and ciphers for nginx manually?

A "find" - command helps you to display the corresponding files over your command line ( logged in as user "root" over SSH ), which use settings for "ssl_ciphers" or/and "ssl_protocols" at nginx - configuration - files.

Examples:

find /etc/nginx -type f -name "*.conf" -exec grep --color -Hni "ssl_ciphers" {} \;

and

find /etc/nginx -type f -name "*.conf" -exec grep --color -Hni "ssl_protocols" {} \;

 

[Walter]

Thank you UFHH01. Didn't just hand me a fish but gave me the pole, worm and hook!

/etc/nginx/conf.d/ssl.conf