Hello guys,
I deployed ECDSA P-256 certificate issued by Let's Encrypt E1 on nginx, and I noticed something about "ssl_ecdh_curve auto;".
When I set ssl_protocols to "TLSv1.2 TLSv1.3", ssl_ecdh_curve has only prime256v1. When set to TLSv1.3, x448 is missing and is the preferred order for the server.
As far as I know, the full list of nginx support should be x25519, x448, secp256r1, secp384r1, secp521r1.
So what caused the difference in "ssl_ecdh_curve auto;"?
Best regards,
wordlesswind