2

I went through a lengthy process removing mod_ssl and replaced it with gnutls because I wanted to use TLS 1.3.

The difference I’ve noticed is gnutls doesn’t support older, legacy methods, only new ones.

OpenSSL supports them all. Is that a better choice? I could find very little support configuring with gnutls and Apache other than the RTFM pages.

Cons pro? Should I move back to mod_ssl? I'm leaning towards, I made a mistake with GnuTLS just for TLS 1.3 and to get a good security ranking score.

ajmcello
  • 71
  • 5

1 Answers1

2

Most people use OpenSSL, and it has been updated to work with newer versions of TLS as well as older versions (backwards compatibility).

As far as which is better, I don't know, but most use OpenSSL.

And regarding "Server Fault" in the comment, the user could have been more informative, and likely was referring to the domain, serverfault.com, which they did not elaborate to, making it confusing.

user7464122
  • 89
  • 4
  • It is referred to as Server Fault all the time here. Nothing startling about my comment. – user207421 Mar 22 '22 at 04:10
  • 3
    Last I checked, there's quite a bit of programming to get this sort of thing set up. Word Definition: Programming is the implementation of logic to facilitate specified computing operations and functionality. It occurs in one or more languages, which differ by application, domain and programming model. – ajmcello Mar 22 '22 at 04:36
  • @ajmcello No. There is *no* programming required to set this up. Just simple editing of configuration files. Clearly you haven't tried it. And that's why it belongs on Server Fault, where you will find many similar questions. – user207421 Mar 22 '22 at 06:07
  • 3
    @user207421 - There is a fair amount of involvement in setting this up, not just simple editing of configuration files and copy/pasting "instructions" online. OP Needed help and seemed appropriately polite. Not everyone is aware of 'Server Fault', which I'm glad to see was explained to OP as a place to go for server problems. – user7464122 Mar 22 '22 at 11:24