mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
2141e23ecd
OpenSSL 1.1+ by default only allows signatures and key exchange from the default list of X25519:secp256r1:X448:secp521r1:secp384r1. Since in TLS1.3 key exchange is independent from the signature/key of the certificates, allowing all groups per default is not a sensible choice anymore and the shorter lister is reasonable. However, when using certificates with exotic curves the signatures of this certificates will no longer be accepted. This option allows to modify the list for these corner cases. Signed-off-by: Arne Schwabe <arne@openvpn.net> |
||
---|---|---|
.. | ||
ovpncli | ||
ssl | ||
unittests | ||
unused |