How do I turn off EC point formats from showing up in TLS 1.3 client hello?

Phil Neumiller pneumiller at
Fri Nov 15 22:03:38 UTC 2019

TLS 1.3 doesn't use EC point formats right?  I don't know why they are in my
TLS 1.3 client hello.

Extension: ec_point_formats (len=4)
    Type: ec_point_formats (11)
    Length: 4
    EC point formats Length: 3
    Elliptic curves point formats (3)
        EC point format: uncompressed (0)
        EC point format: ansiX962_compressed_prime (1)
        EC point format: ansiX962_compressed_char2 (2)

There is a flag OPENSSL_NO_EC do I need to set that somewhere in config or

Is there an API call do disable these?  There is a get function
SSL_get0_ec_point_formats() but no set.



Phillip Neumiller
Platform Engineering
Directstream, LLC
Sent from:

More information about the openssl-users mailing list