Faced the weird behavior of chipper for TLS1.3. https://wiki.openssl.org/index.php/TLS1.3#Ciphersuites openssl ciphers -s -v ECDHE | grep TLSv1.3 TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD but openssl ciphers TLS_CHACHA20_POLY1305_SHA256 or openssl ciphers TLS_AES_256_GCM_SHA384 Error in cipher list 140013550158336:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2549: In Apache SSLCipherSuite TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256 Unable to configure permitted SSL ciphers SSL Library Error: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match Fatal error initialising mod_ssl, exiting. Is this something I don���t understand, or is it an openssl bug? I want the TLS1.3 chippers to be installed only the necessary and in the wrong order. How to do it? If this is a bug, I will create a separate report.