Index: java/org/apache/tomcat/jni/SSL.java
===================================================================
--- java/org/apache/tomcat/jni/SSL.java	(revision 1842017)
+++ java/org/apache/tomcat/jni/SSL.java	(working copy)
@@ -73,6 +73,7 @@
     public static final int SSL_PROTOCOL_TLSV1 = (1<<2);
     public static final int SSL_PROTOCOL_TLSV1_1 = (1<<3);
     public static final int SSL_PROTOCOL_TLSV1_2 = (1<<4);
+    public static final int SSL_PROTOCOL_TLSV1_3 = (1<<5);
     public static final int SSL_PROTOCOL_ALL   = (SSL_PROTOCOL_TLSV1 | SSL_PROTOCOL_TLSV1_1 | SSL_PROTOCOL_TLSV1_2);
 
     /*
Index: java/org/apache/tomcat/jni/SSLContext.java
===================================================================
--- java/org/apache/tomcat/jni/SSLContext.java	(revision 1842017)
+++ java/org/apache/tomcat/jni/SSLContext.java	(working copy)
@@ -41,6 +41,7 @@
      * {@link SSL#SSL_PROTOCOL_TLSV1}
      * {@link SSL#SSL_PROTOCOL_TLSV1_1}
      * {@link SSL#SSL_PROTOCOL_TLSV1_2}
+     * {@link SSL#SSL_PROTOCOL_TLSV1_3}
      * {@link SSL#SSL_PROTOCOL_ALL} ( == all TLS versions, no SSL)
      * </PRE>
      * @param mode SSL mode to use
Index: java/org/apache/tomcat/util/net/AprEndpoint.java
===================================================================
--- java/org/apache/tomcat/util/net/AprEndpoint.java	(revision 1842017)
+++ java/org/apache/tomcat/util/net/AprEndpoint.java	(working copy)
@@ -439,6 +439,8 @@
                     value |= SSL.SSL_PROTOCOL_TLSV1_1;
                 } else if (Constants.SSL_PROTO_TLSv1_2.equalsIgnoreCase(protocol)) {
                     value |= SSL.SSL_PROTOCOL_TLSV1_2;
+                } else if (Constants.SSL_PROTO_TLSv1_3.equalsIgnoreCase(protocol)) {
+                    value |= SSL.SSL_PROTOCOL_TLSV1_3;
                 } else {
                     // Should not happen since filtering to build
                     // enabled protocols removes invalid values.
Index: java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java
===================================================================
--- java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java	(revision 1842017)
+++ java/org/apache/tomcat/util/net/openssl/OpenSSLContext.java	(working copy)
@@ -153,6 +153,8 @@
                     value |= SSL.SSL_PROTOCOL_TLSV1_1;
                 } else if (Constants.SSL_PROTO_TLSv1_2.equalsIgnoreCase(protocol)) {
                     value |= SSL.SSL_PROTOCOL_TLSV1_2;
+                } else if (Constants.SSL_PROTO_TLSv1_3.equalsIgnoreCase(protocol)) {
+                    value |= SSL.SSL_PROTOCOL_TLSV1_3;
                 } else if (Constants.SSL_PROTO_ALL.equalsIgnoreCase(protocol)) {
                     value |= SSL.SSL_PROTOCOL_ALL;
                 } else {
Index: java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java
===================================================================
--- java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java	(revision 1842017)
+++ java/org/apache/tomcat/util/net/openssl/OpenSSLEngine.java	(working copy)
@@ -109,7 +109,8 @@
         Constants.SSL_PROTO_SSLv3,
         Constants.SSL_PROTO_TLSv1,
         Constants.SSL_PROTO_TLSv1_1,
-        Constants.SSL_PROTO_TLSv1_2
+        Constants.SSL_PROTO_TLSv1_2,
+        Constants.SSL_PROTO_TLSv1_3
     };
     public static final Set<String> IMPLEMENTED_PROTOCOLS_SET =
             Collections.unmodifiableSet(new HashSet<>(Arrays.asList(IMPLEMENTED_PROTOCOLS)));