Hi Roman, > It looks like this library is not super popular, but the patch is relatively > large.
Perhaps it's not as widely used as the forks that started ~10 years ago, but it's basically a version of BoringSSL that's more suitable to use with NGINX than BoringSSL itself: - it ships releases and it's versioned, - it supports OCSP stapling, - it supports multiple TLS certificates, - it supports big endian platforms supported by NGINX. Also, the patch is pretty small. > Also, compiling nginx with -DOPENSSL_IS_BORINGSSL should probably solve > the issue. For the time being, probably, but AWS folks are actively developing it, so I'd expect it to led to issues sooner rather than later. Best regards, Piotr Sikora _______________________________________________ nginx-devel mailing list nginx-devel@nginx.org https://mailman.nginx.org/mailman/listinfo/nginx-devel