Hi again,
On 2014-08-18 09:17, Alex wrote:
> Hi,
>
> I have successfully compiled nginx/1.7.4 with boringssl. One thing I
> am not sure if it's possible already is to take advantage of
> equal-preference cipher groups that Boringssl supports.
>
> [...]
>
> Would this already work with nginx' ssl_ciphers parameter or would
> nginx require further patching to support such grouping parameter?
I feel kinda stupid that I didn't figure it out earlier. Of course it's
possible out of the box with nginx/boringssl. I made a small writeup
here:
https://www.zeitgeist.se/2014/08/23/we-like-aes-and-chacha20-equally-thanks-to-boringssl/
Basically, you group ciphers in the ciphers list like this:
[ECDHE-RSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256]
Best,
Alex
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx