Description
Describe the bug
The latest version of nginx (nginx:1.25.3, from all versions) does not support TLS1.0.
To reproduce
Deploy nginx:1.25.3 and set nginx ssl_protocols to TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; you can put whatever value you want in ssl_ciphers.
Expected behavior
Working TLS1.0 - can be tested using OpenSSL client.
Your environment
My OS is Ubuntu 22, when I used a different nginx flavor image (Openresty the latest version) on the same OS, TLS 1 worked without any issue, so from this, I learned that this is not an OS issue, this is about the nginx docker itself.
Additional context
After searching online, I found a few recommended solutions:
A. Edit /etc/ssl/openssl.cnf and add to it:
[openssl_init]
providers = provider_sect
+ssl_conf = ssl_sect
+
+[ssl_sect]
+system_default = system_default_sect
+
+[system_default_sect]
+CipherString = DEFAULT@SECLEVEL=0
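Review bot: In the added [system_default_sect], CipherString = DEFAULT@SECLEVEL=0 is wired in through ssl_conf under [openssl_init], so it lowers the security level for every program that loads this openssl.cnf, not only the nginx listener that needs TLS 1.0. Prefer scoping the change to nginx with its own ssl_ciphers setting and leave the system default untouched; if the system-wide section is kept, add a comment stating why level 0 is required. The section also sets no MinProtocol, so the minimum protocol version is left to the library or distribution default; state it explicitly if the intent is to pin it.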
B. Add this ssl_ciphers DEFAULT@SECLEVEL=0; to the nginx conf.
I tried both of the methods: I edited /etc/ssl/openssl.cnf inside and outside the docker, and I tried the B option, but none of that worked. I read in another post that the Alpine version didn't compile in the TLS1.0 support, so I switched from the alpine version to the regular nginx:1.25.3 and still nothing worked (including after I tried the above in it and outside it).
How can I make it work? Is there a specific version of the regular Nginx that works with this? Do I need to do something differently to make it work? I must support TLS1.0 as well...