On 11/14/2014 10:12 AM, Jonathan Gray wrote:
Now openssl ciphers CHACHA20 works as intended
# openssl ciphers CHACHA20
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-POLY1305
This is already present in rev 1.68/-current
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/ssl_ciph.c.diff?r2=1.68&r1=1.67&f=u
So now, I have set in nginx.conf this
ssl_ciphers !aNULL:AES256:AES128:CHACHA20:@STRENGTH;
But using sslscan, I still get:
Failed TLSv1 256 bits ECDHE-ECDSA-CHACHA20-POLY1305
Is that somewhere else?
