The TLS 1.3 is a latest encryption protocol perfectly know for its speed and security. This guide shows you how you will integrate TLS 1.3 to Nginx and Apache. TLS 1.3 is a only TLS protocol version that don’t have any known security vulnerabilities, security issues and bugs. In this modern computing world the main thing protect our data during the data transmission.

The HTTPS (Hypertext Transfer Protocol Secure) and TLS (Transport Layer Security) can resolve the encryption issue. First TLS protocol is developed by the Netscape and later it is standardized by the IETF (Internet Engineering Task Force). The latest TLS 1.3 is supported by the all major browser so there will be no compatibility issue. By using the TLS 1.3 it provides better security and fastest speed than all previous TLS versions.

TLS 1.3 Advantages

  • TLS 1.3 provides Hardened security and data integrity features.
  • Faster page load time (TTFB) without loosing the security.
  • In TLS 1.3 the full TLS handshake requires less time compared to other TLS versions.
  • It provides safe web browsing and faster experience.
  • Integration of TLS 1.3 protocol to a web server is so easy.
  • Robust security features of TLS 1.3 includes support for highly secure cryptography.
  • TLS 1.3 has improved more performance and security than earlier TLS versions.

By implementing the TLS 1.3 this should basically increases the performance as well as security without facing any downtime.

Step-1 : Prerequisites for TLS1.3 Integration

While integrating the latest TLS 1.3 it have some prerequisites. It should be checked before for moving forward towards next steps.

  • The Nginx a high performance web server requires version Nginx 1.13 and later versions also supports TLS 1.3. To check the Nginx version you can run the command nginx -v on Linux server.
  • The Apache web server requires later version from Apache 2.4.38 to check Apache version you have to run the commands on your Linux server apachectl status.
  • The OpenSSL version 1.1.1 should be required as later versions also supports TLS 1.3. To check out this you need to verify it from server by using the command openssl version -a on Linux server.
  • Valid SSL Certificates required as it can be free Lets Encrypt SSL or any third party SSL certificates.

If all requirements are successfully validated then lets proceed for next steps.

Step-2 : Implement the TLS 1.3

First of all login to the Linux Server.

For Apache

Just find the ssl.conf file and start modifying it just find the directives given below.

Just locate the given lines inside the configuration files.

SSLProtocol -all +TLSv1.2

Completely modify the given line as below

SSLProtocol -all +TLSv1.2 +TLSv1.3

After that restart the services related to Apache web server to add the TLS1.3 settings to it. When done it will integrated to Apache.

For Nginx

Just navigate to the nginx.conf file and editing Nginx Configuration file after that search for given directives.

Find the given lines inside the server block

ssl_protocols TLSv1.1 TLSv1.2;

Need to replace it with given lines

ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

When done just restart the Nginx services to make changes in effect. After that it’ll automatically added to Nginx.

Step-3 : Verify the TLS Version

Once all configuration done further lets move it to verify.

  • Once you have open the web browser of your choice.
  • Lets navigate to the website.
  • You can easily check by hitting the “Green Padlock” symbol from the web address navigation bar.
  • From there you can verify the TLS Version.

If it shows TLS 1.3 then it is successfully integrate to the website.


We have provided a step by step guidelines how to integrate the TLS 1.3 support on your Linux server. This will be beneficial to you as TLS 1.3 is reliable and faster performance supports. TLS 1.3 features quick TLS handshake than any previous versions.

TLS 1.3 also help you to reduce the latency so faster access speed. The TLS 1.3 is more performance based without compromising any security. this will enhance your server response times while maintaining the compatibility of server.