From 1b3da473cd3602277c6d9c8003e1dba0c13cf987 Mon Sep 17 00:00:00 2001
From: Juliusz Sosinowicz <juliusz@wolfssl.com>
Date: Wed, 6 Nov 2019 13:51:11 +0100
Subject: [PATCH] Test with TLS 1.3

---
 conf/nginx_tls13.conf | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/conf/nginx_tls13.conf b/conf/nginx_tls13.conf
index cb38cd2..a18159c 100644
--- a/conf/nginx_tls13.conf
+++ b/conf/nginx_tls13.conf
@@ -356,6 +356,7 @@ http {
             proxy_ssl_certificate_key      client-key.pem;
             proxy_ssl_verify               on;
             proxy_ssl_crl                  crl.pem;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
     # Proxy using ECDHE cipher suites and CRL
@@ -383,6 +384,7 @@ http {
             proxy_ssl_certificate_key      client-key.pem;
             proxy_ssl_verify               on;
             proxy_ssl_crl                  crl.pem;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
     # Proxy using ECDHE and ECDSA cipher suites
@@ -410,6 +412,7 @@ http {
             proxy_ssl_certificate_key      client-key.pem;
             proxy_ssl_verify               on;
             proxy_ssl_session_reuse        on;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
     # Proxy using complete chain
@@ -437,6 +440,7 @@ http {
             proxy_ssl_certificate_key      client-key.pem;
             proxy_ssl_verify               on;
             proxy_ssl_session_reuse        on;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
     # Proxy using incomplete chain
@@ -464,6 +468,7 @@ http {
             proxy_ssl_certificate_key      client-key.pem;
             proxy_ssl_verify               on;
             proxy_ssl_session_reuse        on;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
 
@@ -494,6 +499,7 @@ http {
             proxy_ssl_verify               on;
             proxy_ssl_crl                  crl-revoked.pem;
             proxy_ssl_session_reuse        on;
+            proxy_ssl_protocols            TLSv1.3;
         }
     }
     # OCSP Stapling