ECDHE key exchange with TLSv1
kepler at calomel.org
Sat Jul 10 00:03:55 MSD 2010
Does Nginx support the elliptic curve cryptography ciphers like
ECDHE-ECDSA-AES256-SHA available through OpenSSL v1.0.0a ?
I have built OpenSSL v1.0.0a and placed it in a separate directory. I
then built nginx with --with-cc-opt="-I /path_openssl/include/"
--with-ld-opt="-L /path_openssl/lib/" and it builds fine.
Nginx.conf has the following for SSL:
## SSL Certs
The daemon starts up correctly, but clients will only negotiate their
SSL connection as AES256-SHA.
Does "ssl_dhparam" need a PEM string? Any examples?
BTW, I found another post in the archives where Maxim Dounin said
support was not available as of October 2009.
Build error --with-debug; ECDHE key exchange TLS problem.[nginx 0.7.62]
Calomel @ https://calomel.org
Open Source Research and Reference
More information about the nginx