Is X25519/X448 supported for TLSv1.2?
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Jun 13 04:27:56 UTC 2019
On Thu, Jun 13, 2019 at 10:49:14AM +0800, John Jiang wrote:
> I got the point: the server certificate is ECDSA with curve secp256r1.
> It works with RSA certificate and curves
> sepc256r1/sepc384r1/sepc521r1/x25519/x448.
See https://github.com/openssl/openssl/issues/4175#issuecomment-322915924
When using ECDSA with TLSv1.2, the group list MUST include the group
used in the certificate. Otherwise, you get no shared cipher as
you reported. You can *prefer* X25519, but you cannot only offer
X25519.
--
Viktor.
More information about the openssl-users
mailing list