Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Using nginx 1.11.9 with LibreSSL 2.5.1 on FreeBSD, I can't manually setup the EC curves including x25519.
In nginx, if I don't setup "ssl_ecdh_curve" at all, the server is reporting: "x25519, secp256r1, secp384r1" (correct behavior, like mentionned in LibreSSL 2.5.1 changelog).
If I setup:
But if I setup:
Also, running this command:
This binary is the last version of LibreSSL:
Correct - it is named X25519, not x25519 (and unfortunately capitalisation matters here). FWIW
X25519 will not appear in `openssl ecparam -list_curves' - it is not a regular EC curve (Curve25519 is specifically designed as a Diffie-Hellman function) and in addition to this, there is currently no EVP implementation for it in LibreSSL (largely due to the fact that it does not fit the "standard" EC implementation).