id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 2487 List of TLS 1.2 and TLS 1.3 extensions supported by nginx Preetham777@… "Hi Team, wanted to get the list of TLS 1.2 and TLS 1.3 extensions that is being currently supported by nginx (version >=1.22.x). Specifically looking for the below extensions. TLS 1.2 | signed_certificate_timestamp, or sct (0x0012) | [RFC6962] | | encrypt_then_mac (0x0016) | [RFC7366] | | status_request (0x0005) | [RFC6066] | | use_srtp (0x000E) | [RFC5764] | | padding (0x0015) | [RFC7685] | | record_size_limit (0x001C) | [RFC8449] | | trusted_ca_keys (0x0003) | [RFC6066] | | user_mapping (0x0006) | [RFC4681] | | srp (0x000C) | [RFC5054] | | status_request_v2 (0x0011) | [RFC6961] | | session_ticket (0x0023) | [RFC5077] [RFC8447]| TLS 1.3 | signed_certificate_timestamp | [RFC6962] | | status_request (0x0005) | [RFC6066] | | use_srtp (0x000E) | [RFC5764] | | padding (0x0015) | [RFC7685] | | record_size_limit (0x001C) | [RFC8449] | | pre_shared_key (0x0029) | [RFC8446] | | psk_key_exchange_modes (0x002D) | [RFC8446] | | certificate_authorities (0x002F) | [RFC8446] | | oid_filters (0x0030) | [RFC8446] | | post_handshake_auth (0x0031) | [RFC8446] | " task new trivial documentation 1.22.x TLS extensions Linux rocky8 "bash-4.4# nginx -V nginx version: nginx/1.22.1 built by gcc 8.5.0 20210514 (Red Hat 8.5.0-16) (GCC) built with OpenSSL 1.1.1k FIPS 25 Mar 2021 TLS SNI support enabled configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_stub_status_module --with-http_auth_request_module --with-http_degradation_module --add-dynamic-module=./3rd_party/njs-master/nginx --with-threads --with-stream --with-stream_ssl_module --with-file-aio --with-pcre-jit --without-pcre2 --with-mail --with-mail_ssl_module --with-http_drain_module --with-http_slice_module --with-http_v2_module --with-http_random_index_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_secure_link_module --with-http_xslt_module --with-http_geoip_module --with-stream_geoip_module --with-stream_realip_module --with-stream_ssl_preread_module --without-http_autoindex_module --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/wsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --add-module=./3rd_party/nginx_upstream_check_module --add-module=./3rd_party/nginx-sticky-module --add-module=./3rd_party/nginx-module-sts-master --add-module=./3rd_party/nginx-module-stream-sts-master --add-module=./3rd_party/nginx-module-vts-master --add-module=./3rd_party/ngx_devel_kit-0.3.0 --add-module=./3rd_party/lua-nginx-module-0.10.19 --add-module=./3rd_party/echo-nginx-module-master --add-module=./3rd_party/headers-more-nginx-module-master --add-module=./3rd_party/lua-upstream-nginx-module-master --add-module=./3rd_party/stream-lua-nginx-module-0.0.9 --add-module=./3rd_party/ngx_http_proxy_connect_module-master --add-module=./3rd_party/nginx_cookie_flag_module-master --add-module=./3rd_party/nginx_ajp_module-0.3.2 --add-module=./3rd_party/set-misc-nginx-module-0.32 --add-module=./3rd_party/ngx_http_substitutions_filter_module-master --add-dynamic-module=./3rd_party/ModSecurity-nginx-1.0.3 --with-ld-opt=-Wl,-rpath"