ssl-tmp-ec-param

Elliptic curve used for the ECDHE ciphers

Syntax

--ssl-tmp-ec-param elliptic_curve_name

Description

--ssl-tmp-ec-param elliptic_curve_name specifies the name of the elliptic curve used for the ECDHE ciphers.

Starting in R2019b, ECDHE ciphers are enabled by default. If you do not specify the elliptic curve name, ECDHE ciphers use a default elliptic curve. The default elliptic curves are in the following order: x25519, secp256r1, x448, secp521r1, secp384r1. During the SSL/TLS handshake, the client advertises the curves that it supports. Based on this client-server negotiation, one of the default curves is used to establish a secure connection for the subsequent data exchange.

For earlier releases, if this property is not specified, all ECDHE ciphers are disabled.

Parameters

elliptic_curve_name

Name of curve. All curves supported by OpenSSL are supported.

Examples

Use the prime256v1 curve.

--ssl-tmp-ec-param prime256v1
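
The curve negotiation outlined in the Description can be checked offline against a captured ClientHello. The following is an added example, not MathWorks code. It assumes that the server walks its curve list in the stated order and that a curve set with --ssl-tmp-ec-param is the only one eligible. The function names and the sample bytes are constructed for illustration.

```python
import struct

# IANA "TLS Supported Groups" code points for the five default curves.
GROUP_IDS = {29: "x25519", 23: "secp256r1", 30: "x448",
             25: "secp521r1", 24: "secp384r1"}

# Default order as listed in the Description.
DEFAULT_ORDER = ["x25519", "secp256r1", "x448", "secp521r1", "secp384r1"]

# OpenSSL's name for secp256r1 is prime256v1 (same curve).
ALIASES = {"prime256v1": "secp256r1"}


def parse_supported_groups(ext_data):
    """Decode the body of a ClientHello supported_groups extension (type 10)."""
    if len(ext_data) < 2:
        raise ValueError("truncated supported_groups extension")
    (list_len,) = struct.unpack_from("!H", ext_data, 0)
    if list_len % 2 or list_len != len(ext_data) - 2:
        raise ValueError("inconsistent supported_groups length")
    ids = struct.unpack_from("!%dH" % (list_len // 2), ext_data, 2)
    # Code points outside the default list (GREASE, FFDHE, ...) stay as hex.
    return [GROUP_IDS.get(i, "0x%04x" % i) for i in ids]


def select_curve(client_groups, configured=None):
    """Return the curve the server would pick, or None when nothing overlaps.

    Assumption: with a configured curve only that curve is eligible;
    otherwise the default list is tried in order (server preference).
    """
    if configured:
        candidates = [ALIASES.get(configured, configured)]
    else:
        candidates = DEFAULT_ORDER
    for curve in candidates:
        if curve in client_groups:
            return curve
    return None


# Constructed sample: list length 8, then GREASE 0x0a0a, x25519,
# secp256r1, secp384r1 as 16-bit code points.
SAMPLE_EXT = bytes.fromhex("00080a0a001d00170018")
```

A result of None from select_curve means the client advertised no curve the server accepts, which is the case to look for before pinning a single curve on a server that has to serve older or restricted clients.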