id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
1670	Ciphers list order not respected for TLS 1.3	iz8mbw@…		"Hi.
I'm running nginx 1.15.6, it was built on Linux from source code and ""linked"" to OpenSSL 1.1.1 that was built in /opt/ssl.

{{{
nginx version: nginx/1.15.6
built by gcc 4.8.2 (Raspbian 4.8.2-21~rpi3rpi1) 
built with OpenSSL 1.1.1  11 Sep 2018
TLS SNI support enabled
configure arguments: --with-cc-opt=-I/opt/ssl/include --with-ld-opt='-L/opt/ssl/lib -ldl -Wl,-rpath,/opt/ssl/lib' --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --user=www-data --group=www-data --with-debug --with-stream --with-http_ssl_module --with-openssl-opt=enable-tls1_3 --with-http_v2_module --with-pcre=/opt/pcre --with-http_perl_module --with-http_realip_module --with-http_gunzip_module --with-http_gzip_static_module --add-module=/root/autobuild/ngx_http_substitutions_filter_module-master
}}}

This is the ciphers list and TLS 1.3 part of my nginx.conf file:

{{{
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;

ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!DSS';
}}}

As you can see, I have enabled three ciphers for TLS 1.3 in this order:
{{{
TLS_AES_128_GCM_SHA256
TLS_AES_256_GCM_SHA384
TLS_CHACHA20_POLY1305_SHA256
}}}

BUT if I try to check with the ""Qualys SSL Labs"" website (www.ssllabs.com), it shows me this ciphers list order for TLS 1.3:

{{{
# TLS 1.3 (suites in server-preferred order)
TLS_AES_256_GCM_SHA384 (0x1302)   ECDH x25519 (eq. 3072 bits RSA)   FS	256
TLS_CHACHA20_POLY1305_SHA256 (0x1303)   ECDH x25519 (eq. 3072 bits RSA)   FS	256
TLS_AES_128_GCM_SHA256 (0x1301)   ECDH x25519 (eq. 3072 bits RSA)   FS	128
}}}

Why does nginx give, for TLS 1.3, a ciphers list order different from my setting in the nginx.conf file?"	defect	closed	major	nginx-1.15	nginx-core	1.15.x	duplicate	tls 1.3, ciphers list, order		Linux iz8mbw 4.14.73-v7+ #1148 SMP Mon Oct 1 16:57:50 BST 2018 armv7l GNU/Linux	"nginx version: nginx/1.15.6
built by gcc 4.8.2 (Raspbian 4.8.2-21~rpi3rpi1) 
built with OpenSSL 1.1.1  11 Sep 2018
TLS SNI support enabled
configure arguments: --with-cc-opt=-I/opt/ssl/include --with-ld-opt='-L/opt/ssl/lib -ldl -Wl,-rpath,/opt/ssl/lib' --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --user=www-data --group=www-data --with-debug --with-stream --with-http_ssl_module --with-openssl-opt=enable-tls1_3 --with-http_v2_module --with-pcre=/opt/pcre --with-http_perl_module --with-http_realip_module --with-http_gunzip_module --with-http_gzip_static_module --add-module=/root/autobuild/ngx_http_substitutions_filter_module-master"
