feat(nginx): enable secp256r1 ECDH curve

secp256r1 is mandated by IETF RFC8446 section 9.1; use it as a fallback for X5519, despite it likely never being used.
2025-06-29 01:48:30 +00:00 · 2025-06-29 01:48:30 +00:00 · ebfa37be7b
commit ebfa37be7b
parent 198ab835fb
1 changed files with 2 additions and 2 deletions
--- a/xb-00-01/nginx/website.conf
+++ b/xb-00-01/nginx/website.conf
@ -1,6 +1,6 @@
 # Inferencium - xb-00-01
 # Nginx - Configuration - Website
-# Version: 10.0.0-alpha.9
+# Version: 10.0.0-alpha.10

 # Copyright 2022 Jake Winters
 # SPDX-License-Identifier: BSD-3-Clause
@ -50,7 +50,7 @@ server {
 		ssl_conf_command Ciphersuites			"TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256";
 		ssl_conf_command Options				PrioritizeChaCha;
 		ssl_prefer_server_ciphers				on;
-		ssl_ecdh_curve							X25519;
+		ssl_ecdh_curve							X25519:secp256r1;
 		ssl_stapling							on;
 		ssl_stapling_verify						on;
 		ssl_session_timeout						1d;