Mutzli
Very Senior Member
Does anyone know how to enable TLS v1.3 instead of TLS v1.2 in OpenVPN?
Right now the control channels in my system log shows:
Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
when opening a connection from a client.
Question 1:
Do I have to choose a different cipher?
The OpenVPN wiki says (https://wiki.openssl.org/index.php/TLS1.3) that the following control channel should be available TLS13-AES-256-GCM-SHA384 to enable TLS v1.3, which is not an option in the router config. Does that mean the current OpenVPN implementation in 384.12_beta2 doesn't support TLS v1.3 yet?
Question 2:
Is the problem client side?
Do I have to change the *.ovpn configuration to establish a TLSv1.3 connection?
Right now the control channels in my system log shows:
Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
when opening a connection from a client.
Question 1:
Do I have to choose a different cipher?
The OpenVPN wiki says (https://wiki.openssl.org/index.php/TLS1.3) that the following control channel should be available TLS13-AES-256-GCM-SHA384 to enable TLS v1.3, which is not an option in the router config. Does that mean the current OpenVPN implementation in 384.12_beta2 doesn't support TLS v1.3 yet?
Question 2:
Is the problem client side?
Do I have to change the *.ovpn configuration to establish a TLSv1.3 connection?