tls: set ecdhCurve default to 'auto' by Hativ · Pull Request #16853 · nodejs/node
label
For best out-of-the-box compatibility there should not be one default `ecdhCurve` for the tls client, OpenSSL should choose them automatically. I've had a lot of struggle connecting to a server that did not support the default curve. Many third party modules have no support for setting `ecdhCurve`, therefore I think the tls client should support as much curves as possible by default. Using `'auto'` would achieve this. Refs: #16196 Refs: #1495 Refs: https://wiki.openssl.org/index.php/Manual:SSL_CTX_set1_curves(3) Refs: #15206
tniessen pushed a commit that referenced this pull request
For best out-of-the-box compatibility there should not be one default `ecdhCurve` for the tls client, OpenSSL should choose them automatically. See https://wiki.openssl.org/index.php/Manual:SSL_CTX_set1_curves(3) PR-URL: #16853 Refs: #16196 Refs: #1495 Refs: #15206 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters