TLS 1.3 was released after a decade of TLS 1.2, following approximately 28 drafts before being finalized by the IETF (Internet Engineering Task Force).
TLS 1.3 offers numerous advantages over its predecessors, including improved speed, enhanced security, a streamlined handshake process, and redesigned cipher suites.
Everything You Need to Know About TLS 1.3 – Faster and More Secure Than Previous Versions
Since TLS 1.3 is significantly faster, more secure, and optimized for modern web communication, enabling it on your servers can greatly enhance performance and security. It reduces handshake latency, removes outdated cryptographic algorithms, and strengthens encryption protocols.
You may want to enable TLS 1.3 on servers like Nginx, Apache, Tomcat, Cloudflare, and others to provide your users with a better, more secure experience.
In this guide, we provide clear, step-by-step instructions on how to enable TLS 1.3 on Nginx, Apache, Tomcat, and Cloudflare, ensuring your servers are up-to-date with the latest web security standards.
How to Enable TLS 1.3 in Nginx
When enabling TLS 1.3 on Nginx, ensure your Nginx version is 1.13 or higher.
Nginx versions before 1.13 do not support TLS 1.3. Please upgrade your Nginx to version 1.13 or later before proceeding.
- Log in to your Nginx server (ensure it runs Nginx version 1.13 or higher).
- Take a backup of the nginx.conf file.
- Edit the nginx.conf file using vi or your preferred text editor.
How to Enable TLS 1.3 in Apache
When enabling TLS 1.3 on Apache, ensure your version is 2.4.38 or higher.
Apache versions below 2.4.38 do not support TLS 1.3, so you must first upgrade to a compatible version.
Now, let’s go through the steps…
- Log in to your Apache HTTP server.
- Take a backup of the SSL.cone file or the file where your SSL configuration is located.
- Locate the SSL Protocol line and add +TLS1.3 at the end of the line.
- Save the file and restart your Apache HTTP server.
Tomcat
- Open your Tomcat server.
- Open the server.xml file in Tomcat.
- Add the connector with the TLS protocol, as demonstrated below.
- Now, restart your Tomcat.
Cloudflare
Cloudflare enables TLS 1.3 by default for all websites. However, if you need to turn it off or check its status, here’s how you can do it:
- Log in to your Cloudflare account.
- Go to the Crypto tab.
- Scroll down, and you will see the TLS 1.3 option.

How to Verify If Your Site is Using TLS 1.3
Below are some of the tools, which help you to check the supported TLS version that is enabled on your web server.
Here are a few tools to look out for:
SSL Labs– enter your HTTPS URL and scroll down on the test result page.

You will be able to see all the enabled protocols.
DigiCert’s SSL Installation Diagnostics Tool – Enter your HTTPS URL in the “Server Address” box, check the “Check for common vulnerabilities” box, and click on “Check Server.”


Conclusion: TLS 1.3 Security Benefits
Just as we keep our mobile applications up-to-date, keeping the TLS protocol updated is equally important.TLS 1.3 is significantly faster and more secure compared to its predecessors. If you still need to enable the latest version of TLS, now is the time to do so.
If you have any questions or face issues regarding SSL, please don’t hesitate to contact us. We’re happy to help!