On Tue, Sep 11, 2018 at 08:10:01PM +0200, Kurt Roeckx wrote: > On Tue, Sep 11, 2018 at 04:59:45PM +0200, Juan Isoza wrote: > > Hello, > > > > What is the better way, for anyone running, by example, Apache or nginx on > > a popular Linux districution (Ubuntu, Debian, Suse) and want support TLS > > 1.3 ? > > > > Waiting package update to have openssl 1.1.1 ? probably a lot of time > > > > Recompile openssl dynamic library and replace system library ? We must be > > sure we don't broke the system > > > > Recompile Apache or NGinx with openssl statically linked ? probably complex > > Note that you most likely need an update of both nginx/apache and > openssl. > > I will very likely make 1.1.1 available in Debian backports. I hope that > the nginx maintainer will also make a version that works with 1.1.1. Looking at stretch-backports, it already has an nginx version that is recent enough, so you would just need a new openssl. I can only do an openssl upload to backports after it has reached testing. Kurt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
