ssl_ecdh_curve - Githubissues

cloudflare / sslconfig

Cloudflare's Internet facing SSL configuration

BSD 3-Clause "New" or "Revised" License

1.3k stars 132 forks source link

ssl_ecdh_curve #75

Open FernandoMiguel opened 7 years ago

FernandoMiguel commented 7 years ago

I've noticed you guys added : ssl_ecdh_curve X25519:P-256:P-384:P-224:P-521;

is there a certain version of openssl or nginx required to support this?

nginx 1.10.0 on ubuntu: nginx: [emerg] Unknown curve name "X25519:P-256:P-384:P-224:P-521" (SSL:)

blagoeres commented 7 years ago

I think the only requirenment for this is latest OpenSSL 1.1.0f. Specifying multiple curves requires Nginx 1.11.0+. At the moment the only way to use this is by compiling Nginx against OpenSSL 1.1.0f.