Introduction
Transport Layer Security (TLS) is the foundation of secure internet communication. However, TLS is only as strong as its configuration. Weak cipher suites, outdated protocol versions, and missing security headers leave connections vulnerable to downgrade attacks, protocol flaws, and traffic interception.
Cipher Suites
A cipher suite defines the cryptographic algorithms used for key exchange, authentication, encryption, and message authentication.
Modern Nginx TLS configuration
server {
listen 443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
Modern cipher suite selection
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers off; # Let client negotiate for TLS 1.3
Modern key exchange
ssl_ecdh_curve X25519:prime256v1:secp384r1;
OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 8.8.8.8 valid=300s;
resolver_timeout 5s;
}
Cipher Suite Breakdown
ECDHE - Ephemeral Diffie-Hellman (forward secrecy)
ECDSA - Elliptic Curve Digital Signature Algorithm (authentication)
AES128 - AES with 128-bit key (symmetric encryption)
GCM - Galois/Counter Mode (authenticated encryption)
SHA256 - SHA-256 HMAC (integrity)
Deprecated Ciphers
NEVER use these
ssl_protocols SSLv3 TLSv1 TLSv1.1; # All broken
ssl_ciphers RC4:3DES:EXPORT:NULL; # Weak or broken
HSTS (HTTP Strict Transport Security)
HSTS instructs browsers to always connect via HTTPS, preventing SSL stripping attacks.
Strict HSTS for production
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
Explanation:
max-age=63072000 - 2 years in seconds
includeSubDomains - Applies to all subdomains
preload - Allow inclusion in browser preload lists
Flask HSTS implementation
from flask import Flask, make_response
app = Flask(name)
@app.after_request
def add_security_headers(response):
if request.is_secure:
response.headers['Strict-Transport-Security'] = \
'max-age=63072000; includeSubDomains; preload'
return response
Certificate Pinning
While HTTP Public Key Pinning (HPKP) is deprecated, certificate pinning techniques remain useful in controlled environments.
TLS fingerprint validation (alternative to deprecated HPKP)
import ssl
import hashlib
import requests
from cryptography import x509
from cryptography.hazmat.primitives import hashes
def validate_certificate_fingerprint(hostname, port=443, expected_hash=None):
cert_pem = ssl.get_server_certificate((hostname, port))
cert = x509.load_pem_x509_certificate(cert_pem.encode())
Calculate SHA-256 fingerprint
fingerprint = cert.fingerprint(hashes.SHA256())
fingerprint_hex = fingerprint.hex()
if expected_hash and fingerprint_hex != expected_hash:
raise ValueError(
f"Certificate fingerprint mismatch for {hostname}: "
f"expected {expected_hash}, got {fingerprint_hex}"
)
return fingerprint_hex
Usage: pin to expected fingerprint
PINNED_FINGERPRINTS = {
'api.example.com': 'a1b2c3d4e5f6...',
}
TLS 1.3 Benefits
TLS 1.3 simplifies the handshake to one round trip (or zero with pre-shared keys), removes insecure features, and mandates forward secrecy.
Test TLS 1.3 support
openssl s_client -connect example.com:443 -tls1_3
Testing with SSL Labs
Using ssllabs-scan
docker run --rm -t jumanjiman/ssllabs-scan example.com
Using testssl.sh
testssl.sh --quiet --htmlfile report.html example.com
Quick curl-based check
curl -sI https://example.com | grep -i "strict-transport-security|x-frame-options|content-security-policy"
Full Hardened Configuration
/etc/nginx/conf.d/ssl.conf - hardened TLS
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_prefer_server_ciphers off;
ssl_ecdh_curve X25519:prime256v1:secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 1d;
ssl_session_tickets off;
OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 8.8.8.8 valid=300s;
Security Headers
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options DENY always;
Conclusion
A proper TLS configuration requires modern protocol versions (TLS 1.2 and 1.3), forward-secrecy cipher suites, HSTS enforcement, and regular testing with tools like SSL Labs and testssl.sh. Disable all legacy protocols and ciphers, enable OCSP stapling for performance, and consider certificate pinning for high-security APIs.
Enjoy this article? Share your thoughts, questions, or experiences in the comments below — your insights help other readers too.
Join the discussion ↓