In order to contribute to the development of the TLSv1.3 protocol, we have enabled TLSv1.3 support in nghttpx, and made it publicly available at https://nghttp2.org:13443. It is currently draft-19.
nghttpx uses OpenSSL as an underlying TLS backend. OpenSSL community
has done a great job, and been developing TLSv1.3 support (they are
still WIP), and it is available in OpenSSL master branch. So just building nghttpx
with this bleeding edge version of OpenSSL could enable TLSv1.3
support. But we have taken one step further, and implemented 0-RTT
early data support using new
For those of you to build OpenSSL from their git repository, in order
to enable TLSv1.3 support, pass
enable-tls1_3 option to Configure
In order to enable 0-RTT support in nghttpx, check out nghttpx: Enable TLSv1.3 0-RTT early data support. Please note that this branch may be rebased time to time.
To send 0-RTT early data with
openssl s_client, first save a
session, like so:
The session is saved in session.dat file. We use this file to resume the session. 0-RTT early data should be stored in file. We have the following file for this example:
1 2 3 4 5
Then run the following command to resume session, and send 0-RTT early data:
If 0-RTT early data is sent, and accepted by the server, you will see the HTTP response header fields and body sent from the server.