Do some of our netizens find that the websites that have been used and are running normally also have SSL certificates configured for HTTPS encrypted access. However, sometimes browser compatibility is not very good, mainly because it needs to support compatible SSL TLS1.3 protocol at present, while TLS1.2 protocol was basically used in the past. Starting from TLS 1.3, some insecure encryption algorithms are deleted. In this article, we organize the tutorial on how to configure TLS1.3 support in the regular pagoda panel.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+ECDSA+AES128:EECDH+aRSA+AES128:RSA+AES128:EECDH+ECDSA+AES256:EECDH+aRSA+AES256:RSA+AES256:EECDH+ECDSA+3DES:EECDH+aRSA+3DES:RSA+3DES:! MD5;
We check the SSL configuration of the current site.
If we used to configure the old pagoda panel, we can see that there is no TLS1.3 protocol. If we see that there is already TLS1.3 protocol, we should not modify it.
Similarly, if we do not use the panel and use other one click LNMP environment, it is also similar. However, Lao Zuo suggested that as time goes by, the WEB environment is relatively old or the software is relatively old. In fact, we recommend reformatting or optimizing the system within a year or so, just like cleaning at home, we also need to slightly optimize the server.
