Ubuntu
apache2 package

TLS 1.3 support in Ubuntu 18.04

Asked by James Gregory-Monk on 2020-01-28

Hello,

I was wondering if anyone knew when TLS 1.3 support would be being released in Apache 2.4 in Ubuntu 18.04? OpenSSL 1.1.1 is now available (and nginx already supports it) but seemingly an update is required to enable this support in Apache.

Ideally we don't want to rely on a third-party repo (I know ones exist for Apache) so I was hoping it would be officially supported soon.

Thanks,
James

Question information

Language:: English Edit question

Status:: Open

For:: Ubuntu apache2 Edit question

Assignee:: No assignee Edit question

Last query:: 2020-02-24

Last reply:: 2020-02-23

Bernard Stafford (bernard010) said on 2020-02-23:

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-18.04-OpenSSL-1.1.1-TLS

https://unix.stackexchange.com/questions/443341/how-to-enable-tlsv1-3-in-apache2

http://manpages.ubuntu.com/manpages/bionic/man3/CURLOPT_SSLVERSION.3.html

https://ayesh.me/TLSv1.3-Apache

https://help.ubuntu.com/lts/serverguide/

I could only find some reading material

Bernard Stafford (bernard010) said on 2020-02-23:

https://packages.debian.org/search?keywords=tls+1.3&searchon=all&suite=stable&section=all

This is a list of Debian Packages for TLS 1.3.
Possibly one that you can use. This list is comprised of stable buster releases.

James Gregory-Monk (jamgregory) said on 2020-02-24:

Hi bernard,

Thanks for your replies, but I don't think they answer my question unfortunately. I'm aware that OpenSSL 1.1.1 (which supports TLSv1.3) is available in Bionic, but the Apache package hasn't been updated to support the TLSv1.3 cipher suites. I was hoping someone would be able to advise of any timelines for supporting this.

Thanks,
James

Stuart MacIntosh (barf) said on 2020-03-10:

Hi James,

My expectation is that an upgrade to 20.04 will be required for TLS 1.3 support. Maybe someone else can confirm that?

TLS 1.3 is a new feature (not a specific security vulnerability with a CVE assigned, which would then make it's way into older LTS repos). And if I understand correctly the spec was still being written when 18.04 went LTS.

James Gregory-Monk (jamgregory) said on 2020-03-11:

Hi Stuart,

Given OpenSSL 1.1.1 (which adds TLS 1.3 support) was added to 18.04 after release, it seems a bit odd that Apache hasn't also been updated to support TLS 1.3.

Hopefully someone in the know will be able to update us on the situation :-)

Cheers,
James

Can you help with this problem?

Provide an answer of your own, or ask James Gregory-Monk for more information if necessary.

To post a message you must log in.

Ask a question

Edit question

Ubuntuapache2 package

TLS 1.3 support in Ubuntu 18.04

Question information

Related bugs

Related FAQ:

Can you help with this problem?

Subscribers

Ubuntu
apache2 package