Setting ssl_ecdh_curve to secp384r1 does not work

Maxim Dounin mdounin at
Tue Jul 5 18:16:14 UTC 2016


On Tue, Jul 05, 2016 at 05:02:07PM +0200, Florian Reinhart wrote:

> It is the same certificate on both servers and it is indeed a 
> secp256r1 aka prime256v1 certificate. So does this mean, I have 
> to use prime256v1 for ssl_ecdh_curve with this certificate? It’s 
> still strange that it used to work before...

Since version 1.11.0 nginx uses the new SSL_CTX_set1_curves_list() 
interface if available to configure supported curves, instead of 
previously used EC_KEY_new_by_curve_name()/SSL_CTX_set_tmp_ecdh().  
This new interface is generally better as it allows configuring 
multiple curves.

I've just tested, and it looks like this new interface is also 
more strict.  With previous interface it was possible to use any 
certificate regardless of the ssl_ecdh_curve setting, and that's 
why it worked for you in older versions.  The new interface does 
not allow to use curves which are not listed at all, including 
certificates using these curves.

Solution would be to list all curves you want to use, including 
curves used by certificates, e.g.:

    ssl_ecdh_curve secp384r1:prime256v1;

Or, better yet, just leave the default ("auto"), it will allow 
most common curves as supported by OpenSSL.

Maxim Dounin

More information about the nginx mailing list