docker-nginx

TLS1.0 not supported in 1.23.3-alpine any more

Open Cougar opened this issue 2 years ago • 4 comments

Not sure if it is a bug, but it is a breaking change that is not well documented here.

The related cryptic Nginx error is the following:

2023/01/17 12:00:00 [crit] 21#21: *34751 SSL_do_handshake() failed (SSL: error:0A0C0103:SSL routines::internal error) while SSL handshaking to upstream, client: 192.0.2.1, server: www.example.com, request: "GET / HTTP/2.0", upstream: "https://198.51.100.1:443/", host: "www.example.com", referrer: "https://www.example.com/"

Since 1.23.3, the Alpine image is based on Alpine 3.17, where one big change is the OpenSSL upgrade from 1.1 to 3.0. However, OpenSSL 3.0 does not support TLS1.0 any more in reality (possible only with security level 0).

So, it is not possible to run Nginx as a proxy in front of any legacy Apache web server that can use only TLS1.0. The 1.23.2-alpine image, based on Alpine 3.16, still works.

Cougar, Jan 17 '23 16:01
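The issue notes that OpenSSL 3.0 allows TLS 1.0 only at security level 0. The configuration below is an added example, not part of the original issue or the image's shipped configuration, showing how that level can be confined to the single upstream hop. The upstream name `legacy_apache` and the certificate paths are placeholders, and the approach assumes the standard OpenSSL `@SECLEVEL` cipher-string syntax passed through `proxy_ssl_ciphers`.

```nginx
# Added example: names and certificate paths are placeholders.
upstream legacy_apache {
    # Upstream address as it appears in the error log line of the issue.
    server 198.51.100.1:443;
}

server {
    listen 443 ssl http2;
    server_name www.example.com;

    # Client-facing side keeps modern protocols and the default security level.
    ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/example.key;   # placeholder path
    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
        proxy_pass https://legacy_apache;

        # Only the hop to the legacy server is allowed to use TLS 1.0.
        proxy_ssl_protocols TLSv1;

        # OpenSSL 3.0 negotiates TLS 1.0 only at security level 0,
        # so the level is lowered for this location and nowhere else.
        proxy_ssl_ciphers DEFAULT:@SECLEVEL=0;
    }
}
```

Security level 0 also admits weak ciphers and key sizes on that hop, so the setting belongs in the narrowest `location` that needs it and the link to the legacy server should stay on a trusted network segment.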