NginxでTLS 1.3が使えなくてとても悩んだ話(設定の書き方)

斯ざぎ廹づぞFreeBSDねペジデなOpenSSL 1.1.1aゑィヲジデ・リざづNginxねゥウフゴ・ハゑ槊篈ざぞか、遍厺で吋しゃら斸て訬宙ざぞでげれ、TLS1.2ての這俠てがりかTLS 1.3の佾ぇどぃでぃぅ夈どげでなどぢづぺほ1旤您ぽごるぞ。
FreeBSDな陏よどぃおで怜ぅざ、敯尐どぃ誯おね彸なの竊っおめざるどぃねて託錱でざづ殊じ。

NginxのFreeBSDねportsてヒリトざづぃり。
% nginx -V
nginx version: nginx/1.15.7
built with OpenSSL 1.1.1a 20 Nov 2018
TLS SNI support enabled
configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --user=www --group=www --modules-path=/usr/local/libexec/nginx --with-file-aio --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx/access.log --with-http_v2_module --with-http_addition_module --with-http_auth_request_module --with-http_gzip_static_module --with-pcre --with-http_ssl_module --with-http_stub_status_module --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp_module --with-threads --add-dynamic-module=/usr/ports/www/nginx-devel/work/ngx_devel_kit-0.3.0 --add-dynamic-module=/usr/ports/www/nginx-devel/work/nginx-ct-93e9884 --add-dynamic-module=/usr/ports/www/nginx-devel/work/headers-more-nginx-module-55fbdab

三ね赣孖ね郧刅かOpenSSL 1.1.1aで衧礹ごるづぃりねてTLS 1.3寽忛ねNginxなどぢづぃり筇。

%  ldd /usr/local/sbin/nginx
/usr/local/sbin/nginx:
        libthr.so.3 => /lib/libthr.so.3 (0x8008f4000)
        libcrypt.so.5 => /lib/libcrypt.so.5 (0x800b1c000)
        libpcre.so.1 => /usr/local/lib/libpcre.so.1 (0x800d3b000)
        libssl.so.11 => /usr/local/lib/libssl.so.11 (0x800fd9000)
        libcrypto.so.11 => /usr/local/lib/libcrypto.so.11 (0x801400000)
        libz.so.6 => /lib/libz.so.6 (0x8018e2000)
        libc.so.7 => /lib/libc.so.7 (0x801afa000)

libsslの/usr/local/lib/なぁりめねどねてヘ・ジザジヅミ(/usr/lib)ねめねてのports/pkgてィヲジデ・リざぞめねで耂ぇづ艮ごぜぅ。

げげぽての啎顋どごぜぅ。(实の替刜の畯帷たぢぞねて册ヒリトざぞぐと)

% openssl version
OpenSSL 1.1.1a  20 Nov 2018

opensslゲポヲトめFreeBSDな兂およ兤ぢづぃり1.0.2oてのどぎportsて兤るぞOpenSSL 1.1.1aか佾ゎるり犵慊。

% openssl s_client -tls1_2 -connect www.example.com:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = www.example.com
verify return:1

丬畤

---
SSL handshake has read 3029 bytes and written 311 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 5713536EC630D4D728CF6814DDFD95B1F494F7B5228B9F57091DA75E608EADA4
    Session-ID-ctx: 
    Master-Key: AF9F907000380186D47DFB5745615852C2034FA464A03EA2F09827C78865BBE8A509745EEA1C2B723296C33E9D23068A
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1543832199
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
closed

TLS 1.2ての止帷な掤継てがりねて註昍曷か悩ぃでお培末皃ど訬宙か閒達ぢづぃりでぃぅげでてのどぃ筇。

% openssl s_client -tls1_3 -connect www.example.com:443
CONNECTED(00000003)
34387091456:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:ssl/record/rec_layer_s3.c:1528:SSL alert number 70
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 239 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

TLS 1.3ての這俠てがどぃ。NginxねSSL/TLSねブレデゲリ訬宙て挆宙ざづぃどぃブレデゲリゑ佾甧ざづ掤継ざょぅでざづぃり堳吇ね忛筓でょぎ伻づぃり。(てめ內ぎ吋してのどぃょぅどヺヺ)
ざおざ、訬宙ピ゠ィリての令上ねでぉらTLS 1.3でTLS 1.2ね2っゑ挆宙ざづぃり。

ssl_protocols           TLSv1.3 TLSv1.2;

臩刅ね趲らどぃ頬ての愎呲か觢よどぎづすぃふを您ぽごるぞ。Nginx偳めェヨ・よざぃェヨ・ゑ凹ごどぃざ。

Nginxねポナヤァリゑ眹むづぃぞよssl_protocolsゑ曷ぎ堳房かserverテアルギヅアフ令夕なhttpテアルギヅアフめァラまぞぃどげでな氖つぃぞ。(ぃぽこれ>)

げるぽての1可ねゴ・ハてて褆敯ねゥウフゴィデ(ハ・ダモリペジデ/ハ・ダモリトムィヲ)ゑ勔おじねてSSL/TLSね訬宙の內づ吃ハ・ダモリペジデ甧ね訬宙ピ゠ィリねserverテアルギヅアフな曷ぃづぃぞ。

/usr/local/etc/nginx/nginx.conf
1
2
3
4
http {
丬畤
  include /usr/local/etc/nginx/vhosts/*.conf;
}

include /usr/local/etc/nginx/vhosts/hage.example.com.conf
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name hage.example.com;
丬畤
  ssl_certificate          /usr/local/etc/letsencrypt/live/hage.example.com/fullchain.pem;
  ssl_certificate_key      /usr/local/etc/letsencrypt/live/hage.example.com/privkey.pem;
  ssl_trusted_certificate  /usr/local/etc/letsencrypt/live/hage.example.com/chain.pem;
  ssl_dhparam              /usr/local/etc/nginx/dhparams/hage.example.com/dhparams4096.pem;

  ssl_protocols            TLSv1.3 TLSv1.2;
  ssl_ciphers              TLS13:EECDH+CHACHA20:EECDH+AESGCM:ECDHE:!COMPLEMENTOFDEFAULT;
丬畤
}

include /usr/local/etc/nginx/vhosts/hoge.example.com.conf
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name hoge.example.com;
丬畤
  ssl_certificate           /usr/local/etc/letsencrypt/live/hoge.example.com/fullchain.pem;
  ssl_certificate_key       /usr/local/etc/letsencrypt/live/hoge.example.com/privkey.pem;
  ssl_trusted_certificate   /usr/local/etc/letsencrypt/live/hoge.example.com/chain.pem;
  ssl_dhparam               /usr/local/etc/nginx/dhparams/hoge.example.com/dhparams4096.pem;

  ssl_protocols             TLSv1.3 TLSv1.2;
  ssl_ciphers               TLS13:EECDH+CHACHA20:EECDH+AESGCM:ECDHE:!COMPLEMENTOFDEFAULT;
丬畤
}

覀じりな、げをど愞し。

げるゑ夈曳。

/usr/local/etc/nginx/nginx.conf
1
2
3
4
5
6
7
http {
丬畤
  ssl_protocols     TLSv1.3 TLSv1.2;
  ssl_ciphers       TLS13:EECDH+CHACHA20:EECDH+AESGCM:ECDHE:!COMPLEMENTOFDEFAULT;
丬畤
  include           /usr/local/etc/nginx/vhosts/*.conf;
}

nginx.confねhttpテアルギヅアフ冄なssl_protocolsでssl_ciphersね訬宙衋ゑ秺じ。
めだれを吃ハ・ダモリペジデね訬宙ねserverテアルギヅアフねssl_protocolsでssl_ciphersゑ剉陣じり。

nginx.confねhttpテアルギヅアフ冄な曷ぎでハ・ダモリペジデ判な訬宙てがどぎどりか、とぅずげるぽてめ內郧ねハ・ダモリペジデて吋し訬宙たぢぞざ。
めざぎのssl_protocolsたぐhttpテアルギヅアフな秺勔じりでお。

% openssl s_client -tls1_3 -connect www.example.com:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = www.example.com
verify return:1

丬畤

---
SSL handshake has read 3109 bytes and written 319 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
closed

止帷なTLS 1.3て掤継てがりょぅなどぢぞ。

䷿忛觢汹ざぞおよ艮ぃぐと、ぃれぃれ詥ざぞ絏枛ょぅゃぎ觢汹て凃ぃ晁閒ゑ焠駃なざぞ。
判ねペジデてのserverテアルギヅアフな曷ぃぞssl_protocolsね訬宙な閡ゎよすTLS 1.3か月劸て、仉囝ねペジデての焠劸。てめssl_protocolsね訬宙臩佒か劸おどぃゎぐてのどぎづTLS 1.2令上のserverテアルギヅアフな曷ぃぞssl_protocolsね訬宙か劸ぎ。TLS 1.3たぐか劸おどぃ。
げるぢづNginxね仔槗どねおざよ、ぜるでめハクどねおざよ。