boring-ssl: add experimental post-quantum cipher CECPQ1

2025-04-20 12:29:16 +00:00 · 2016-10-08 19:28:31 +02:00 · 2016-10-08 19:28:31 +02:00 · 2582458590
commit 2582458590
parent 4bee62b54d
1 changed files with 1 additions and 1 deletions
--- a/boring-nginx/ssl_params
+++ b/boring-nginx/ssl_params
@ -1,6 +1,6 @@
 ssl_protocols TLSv1.2;
 ssl_ecdh_curve X25519:P-384;
-ssl_ciphers [ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-CHACHA20-POLY1305|ECDHE-ECDSA-CHACHA20-POLY1305-D|ECDHE-RSA-CHACHA20-POLY1305-D|ECDHE-ECDSA-AES256-GCM-SHA384|ECDHE-RSA-AES256-GCM-SHA384]:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+ssl_ciphers CECPQ1-ECDSA-AES256-GCM-SHA384:CECPQ1-RSA-AES256-GCM-SHA384:[ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-CHACHA20-POLY1305|ECDHE-ECDSA-CHACHA20-POLY1305-D|ECDHE-RSA-CHACHA20-POLY1305-D|ECDHE-ECDSA-AES256-GCM-SHA384|ECDHE-RSA-AES256-GCM-SHA384]:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
 ssl_prefer_server_ciphers on;

 ssl_session_cache shared:SSL:20m;