In this article, you will learn how to enable TLS 1.3 in Apache or NGINX.
The latest release of the Transport Layer Security protocol, TLS 1.3, provides improved privacy, better encryption, and faster connection rates than TLS 1.2. Your server’s security is enhanced, handshake times are reduced for faster HTTPS connections, and compliance with modern browsers and standards is guaranteed when you enable TLS 1.3 in Apache or NGINX.
Let us follow the steps to enable TLS 1.3 in Apache or NGINX:
- To Enable TLS 1.3 in Apache:
- Open the SSL configuration file (usually one of these):
/etc/httpd/conf.d/ssl.conf # or /etc/apache2/sites-available/default-ssl.conf
- Update or add the following lines to enable TLS 1.3 in Apache:
SSLProtocol TLSv1.2 TLSv1.3 SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
- Restart the Apache service:
sudo systemctl restart apache2 # or sudo systemctl restart httpd
- Lastly, verify whether TLS 1.3 is enabled by executing the following command:
openssl s_client -connect yourdomain.com:443 -tls1_3
- Open the SSL configuration file (usually one of these):
- To Enable TLS 1.3 in NGINX:
- Open your SSL configuration section, usually found in:
/etc/nginx/nginx.conf # or /etc/nginx/conf.d/ssl.conf
- Add or modify these directives:
ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256;
- Restart the NGINX service:
sudo systemctl restart nginx
- Finally, confirm that TLS 1.3 is enabled by running the following command:
openssl s_client -connect yourdomain.com:443 -tls1_3
- Open your SSL configuration section, usually found in:
In this manner, enabling TLS 1.3 in Apache or NGINX improves your server’s security and performance, ensuring faster and more secure connections for your users.
Using cPanel? Learn How to install NGINX on cPanel
An SSL Certificate helps protect data in transit, improve visitor trust and support modern security protocols such as TLS 1.3.