Did some tweaks to my VPS / website

TLS 1.3 is now enabled.

However, as a side effect, SSL Labs now gives only 90% for the cipher strength of my TLS configuration. This is unfortunate, as there is currently (seemingly) no way to remove AES128 from the TLS 1.3 cipher suites in nginx: the ssl_ciphers directive only controls the TLS 1.2-and-earlier list, while the TLS 1.3 suites come from OpenSSL's separate Ciphersuites setting, which nginx does not expose (nginx 1.19.4 and later can reach it through ssl_conf_command).

Meanwhile, the cipher suites nginx offers, which used to be specified with an OpenSSL cipher-string alias and therefore expanded to many more suites after the nginx/OpenSSL upgrade, are now listed explicitly as TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305. (Note that OpenSSL still adds TLS_AES_128_GCM_SHA256 for TLS 1.3 automatically even though it is not in the string: the TLS 1.3 names in ssl_ciphers are ignored by OpenSSL's cipher-list parser, and the TLS 1.3 suites come from its default Ciphersuites setting.) The server also no longer prefers its own cipher order (ssl_prefer_server_ciphers off), since every cipher in this list is acceptable from a security perspective, so the client may pick whichever suits it best.
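To see what OpenSSL actually does with such a cipher string, here is an added example (not code from the original post) using Python's ssl module, which wraps the same OpenSSL cipher-list machinery that nginx's ssl_ciphers directive feeds. It builds a server context with only the TLS 1.2 suites from the string above, lists what OpenSSL would really offer, and reproduces the 90% figure with the averaging rule from the SSL Labs Server Rating Guide (score the strongest and the weakest enabled suite, then average). Everything is local, so no server or network is needed.

```python
# Added example (not code from the original post): feed the post's cipher
# string to OpenSSL through Python's ssl module, which wraps the same
# cipher-list machinery that nginx's ssl_ciphers directive uses, and see
# what the server would actually offer.
import ssl

# The TLS 1.2 part of the post's ssl_ciphers string.  The TLS 1.3 names
# (TLS_AES_256_GCM_SHA384 etc.) are left out on purpose: OpenSSL's
# cipher-list parser does not govern TLS 1.3 suites at all.
TLS12_CIPHERS = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305"


def build_server_context(cipher_string=TLS12_CIPHERS):
    """Server-side context configured the way the post describes nginx."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # ssl_protocols TLSv1.2 TLSv1.3
    ctx.set_ciphers(cipher_string)                 # ssl_ciphers ...
    # ssl_prefer_server_ciphers off: clear the server-preference flag that
    # CPython sets by default.  XOR instead of "&= ~" keeps the value positive.
    if ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE:
        ctx.options ^= ssl.OP_CIPHER_SERVER_PREFERENCE
    return ctx


def enabled_ciphers(ctx):
    """(name, protocol, strength_bits) for every suite OpenSSL would offer."""
    return [(c["name"], c["protocol"], c["strength_bits"]) for c in ctx.get_ciphers()]


def tls13_suites(ctx):
    """TLS 1.3 suites present even though none were passed to set_ciphers()."""
    return [name for name, proto, _ in enabled_ciphers(ctx) if proto == "TLSv1.3"]


def tls12_suites(ctx):
    """TLS 1.2 suites, which the cipher string does control."""
    return [name for name, proto, _ in enabled_ciphers(ctx) if proto == "TLSv1.2"]


def weakest_strength_bits(ctx):
    return min(bits for _, _, bits in enabled_ciphers(ctx))


def client_chooses_cipher(ctx):
    """True when the client's order wins, as with ssl_prefer_server_ciphers off."""
    return not (ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE)


def ssllabs_cipher_strength(ctx):
    """Cipher-strength score per the SSL Labs Server Rating Guide: score the
    strongest and the weakest enabled suite, then average the two."""
    def score(bits):
        if bits == 0:
            return 0
        if bits < 128:
            return 20
        if bits < 256:
            return 80
        return 100
    strengths = [bits for _, _, bits in enabled_ciphers(ctx)]
    return (score(max(strengths)) + score(min(strengths))) // 2


if __name__ == "__main__":
    ctx = build_server_context()
    for name, proto, bits in enabled_ciphers(ctx):
        print(f"{proto:8} {bits:4}  {name}")
    print("weakest:", weakest_strength_bits(ctx), "bits ->",
          "SSL Labs cipher strength", ssllabs_cipher_strength(ctx))
```

Running it shows TLS_AES_128_GCM_SHA256 in the TLS 1.3 list despite never being asked for, and the weakest suite at 128 bits is exactly what pulls the averaged score down from 100 to 90.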

This actually gives mobile devices a better experience, as CHACHA20 is friendlier to devices without AES hardware acceleration.

KEX is switched from secp384r1 to X25519, as the NIST curve's unexplained seed constants leave it open to suspicion of manipulation. This downgrades the key-exchange score in SSL Labs' rating from 100% to 90%, though, since SSL Labs rates a 256-bit curve like a 3072-bit RSA key, below its threshold for a full score.

Restricting KEX to X25519 only also makes SSL Labs fail to issue its HTTP request. It's really weird.

OCSP stapling is enabled. Hopefully this will speed up page loads, since clients no longer need to contact the CA's OCSP responder themselves.

TCP Fast Open is enabled. I had simply forgotten to re-enable it after reinstalling my VPS.
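Putting the changes above together, here is an nginx server block in the shape they describe. This is an added example, not the post's actual configuration: the server name, certificate paths, resolver address and fastopen queue length are assumptions, and the ssl_conf_command line (nginx 1.19.4 or later only) is left commented out because the post keeps TLS_AES_128_GCM_SHA256 in place.

```nginx
# Added example: a server block matching the settings described in this post.
# Server name, paths, resolver address and the fastopen queue length are assumptions.
server {
    # fastopen= needs kernel support: sysctl net.ipv4.tcp_fastopen=3 (client+server)
    listen 443 ssl http2 fastopen=256;
    server_name example.com;                            # placeholder

    ssl_certificate     /etc/nginx/tls/fullchain.pem;   # assumed path
    ssl_certificate_key /etc/nginx/tls/privkey.pem;     # assumed path

    ssl_protocols TLSv1.2 TLSv1.3;

    # The TLS 1.3 names here are ignored by OpenSSL's cipher-list parser; the
    # TLS 1.3 suites come from OpenSSL's Ciphersuites default, which still
    # includes TLS_AES_128_GCM_SHA256.
    ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305;
    # nginx >= 1.19.4 only: this is how the TLS 1.3 list could be trimmed.
    # ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256;

    # Let the client pick (mobile clients without AES acceleration choose ChaCha20).
    ssl_prefer_server_ciphers off;

    # X25519 only, as in the post. Clients without X25519 cannot connect at all;
    # "X25519:secp256r1" would be the usual compatibility fallback.
    ssl_ecdh_curve X25519;

    # OCSP stapling. ssl_stapling_verify needs the issuer chain, and nginx needs
    # a resolver to look up the OCSP responder's hostname.
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/nginx/tls/chain.pem;   # assumed path
    resolver 127.0.0.1 valid=300s;                      # assumed resolver
    resolver_timeout 5s;
}
```

To check the result from outside, `openssl s_client -connect host:443 -tls1_3 -status` shows the negotiated suite and whether an OCSP response was stapled. Keep in mind that nginx fetches the OCSP response lazily, so the first handshake after a restart will report no staple; try a second connection before concluding that stapling is broken.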
