Thanks a lot for the help Martijn. Fingers crossed it will appear soon. Our search engine rankings depend on it!
--Chad ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Thursday, April 30, 2020 4:16 PM, Martijn van Duren <openbsd+m...@list.imperialat.at> wrote: > If it's not in the manpage it's probably not there. > I did gave a quick look through the relayd source, but from what I saw > there's no TLS1.3 support there. > > On 4/30/20 3:55 PM, Chad Hoolie wrote: > > > Any idea about relayd though? I don't see any mentioning of 1.3 in man > > relayd.conf: > > tls > > no tlsv1.2 > > Disable the TLSv1.2 protocol. The default is to enable > > TLSv1.2. > > sslv3 Enable the SSLv3 protocol. The default is no sslv3. > > tlsv1 Enable all TLSv1 protocols. This is an alias that > > includes tlsv1.0, tlsv1.1, and tlsv1.2. The default is > > no tlsv1. > > tlsv1.0 > > Enable the TLSv1.0 protocol. The default is no tlsv1.0. > > tlsv1.1 > > Enable the TLSv1.1 protocol. The default is no tlsv1.1. > > --Chad > > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Thursday, April 30, 2020 3:04 PM, Martijn van Duren > > openbsd+m...@list.imperialat.at wrote: > > > > > On 4/30/20 1:19 PM, Chad Hoolie wrote: > > > > > > > Hello, > > > > I'm using httpd with acme-client and Let's Encrypt > > > > (https://www.romanzolotarev.com/openbsd/acme-client.html). > > > > This setup, however, only seems to support TLS 1.2, whereas TLS 1.3 is > > > > needed to achieve A+ ratings across the board. > > > > Anybody know how to make the upgrade? > > > > --Chad > > > > > > httpd(8): > > > protocols string Specify the TLS protocols to enable for this server. > > > If not specified, the value "default" will be used (secure protocols; > > > TLSv1.2-only). Refer to the tls_config_parse_protocols(3) function for > > > other valid protocol string values. > > > tls_config_parse_protocols(3): > > > Valid keywords are tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3, all (all > > > supported protocols), > > > untested, but seems pretty self-explanatory.
