A common task in TLS server configuration is selecting which cipher suites to use. To communicate securely, TLS needs to decide which cryptographic primitives to use to achieve its goals (e.g., confidentiality). This is done by selecting a suitable cipher suite, which makes a series of decisions about how authentication, key exchange, encryption, and other operations are done. Programs that rely on OpenSSL usually adopt the same approach to suite configuration that OpenSSL uses, simply passing through the configuration options.
Before TLS 1.3, the usual server configuration would include cipher suite configuration and an option for the server to prefer the stronger suites during the negotiation. Because of some differences in the design of TLS 1.3 from earlier protocol versions, OpenSSL decided to configure it differently, increasing the complexity of server configuration. I’ll discuss this in the following sections.
Coming up with a good suite configuration can be pretty time consuming, and there are a lot of details to consider. I wrote this section to serve two goals. If you don’t want to spend a lot of time learning how to use OpenSSL and how to rank cipher suites, simply use the default configuration I provide. On the other hand, if you prefer to learn the ins and outs of OpenSSL configuration, this section has the answers.