https://besterry.com/tags/tls/Recent content in Tls on Besterry — Linux & DevOps NotesHugoen-usMon, 05 Aug 2024 00:00:00 +0000https://besterry.com/posts/tls-modern-ciphers/Mon, 05 Aug 2024 00:00:00 +0000https://besterry.com/posts/tls-modern-ciphers/<p>Configuring TLS ciphers used to involve copying a magic list from Mozilla SSL Configurator and moving on. In 2026 the landscape has shifted enough that revisiting is worth it.</p> <h2 id="what-changed">What changed</h2> <ul> <li>TLS 1.3 is now supported by 95%+ of clients. Serving TLS 1.0 or 1.1 is an active liability.</li> <li>OpenSSL 3.x became the default on most modern distros. Some older ciphers are simply gone.</li> <li>Post-quantum hybrid key exchange (X25519-Kyber768) started rolling out in Chrome and Firefox.</li> <li>Perfect Forward Secrecy is universally expected. No more RSA key exchange.</li> </ul> <h2 id="recommended-nginx-config">Recommended nginx config</h2> <pre><code>ssl_protocols TLSv1.2 TLSv1.3; # TLS 1.3 cipher suites (nginx picks automatically) ssl_ciphers 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256'; ssl_prefer_server_ciphers off; ssl_ecdh_curve X25519:secp521r1:secp384r1; </code></pre> <p><code>ssl_prefer_server_ciphers off</code> is correct for modern deployments — clients know better than servers which ciphers perform well on their hardware.</p>