I am working with Nginx and Certbot, I have secured a domain with HTTPS. I would like to get the domain up to TLS 1.3.
The Nginx server block for my domain get's it's SSL protocols from the included file Certbot creates.
The file /etc/letsencrypt/options-ssl-nginx.conf
states that if I modify the file Certbot will be unable to automatically provide security updates.
I want to modify the file's ssl_protocols
line by adding TLSv1.3
to the end, but I do not want to break certbot's automatic updates.
Is is possible to tell certbot to enable TLS 1.3?
Software Versions
- Nginx 1.14.0
- OpenSSL 1.1.1
- Certbot 0.31.0
- Ubuntu 18.04
Best Answer
If you install an updated version of Certbot you will have TLS 1.3 enabled by default, Snap is the best way to install Certbot (More instructions here: https://certbot.eff.org/).
Later run Certbot like you want
Or
Or