From 95a94a4f8cade82e4121207c54b5258d75998543 Mon Sep 17 00:00:00 2001
From: milad nazari
Date: Thu, 12 Dec 2024 01:15:39 +0330
Subject: [PATCH] add elliptic-curve
---
 docker/dev/letsencrypt.ini | 2 +-
 docker/rootfs/etc/letsencrypt.ini | 2 +-
 docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf | 1 -
 3 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/docker/dev/letsencrypt.ini b/docker/dev/letsencrypt.ini
index 0563383f..9a01e1a9 100644
--- a/docker/dev/letsencrypt.ini
+++ b/docker/dev/letsencrypt.ini
@@ -1,6 +1,6 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
-elliptic-curve = secp384r1
+elliptic-curve = X25519:prime256v1:secp384r1
 preferred-chain = ISRG Root X1
 server =
diff --git a/docker/rootfs/etc/letsencrypt.ini b/docker/rootfs/etc/letsencrypt.ini
index 7becd3b4..a94d6135 100644
--- a/docker/rootfs/etc/letsencrypt.ini
+++ b/docker/rootfs/etc/letsencrypt.ini
@@ -1,5 +1,5 @@
 text = True
 non-interactive = True
 webroot-path = /data/letsencrypt-acme-challenge
-elliptic-curve = secp384r1
+elliptic-curve = X25519:prime256v1:secp384r1
 preferred-chain = ISRG Root X1
diff --git a/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf b/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
index 2bae6e5c..ee724e17 100644
--- a/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
+++ b/docker/rootfs/etc/nginx/conf.d/include/ssl-ciphers.conf
@@ -5,4 +5,3 @@ ssl_session_cache shared:SSL:50m;
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:RSA-AES256-CBC-SHA256";
 ssl_prefer_server_ciphers off;
-ssl_ecdh_curve X25519:prime256v1:secp384r1;
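Review bot: The new `elliptic-curve = X25519:prime256v1:secp384r1` line in docker/dev/letsencrypt.ini, repeated in docker/rootfs/etc/letsencrypt.ini, uses the colon-separated list syntax of nginx's `ssl_ecdh_curve`, but certbot's `elliptic-curve` option takes a single curve name for the certificate's private key. Certbot accepts only `secp256r1`, `secp384r1` or `secp521r1` there, and X25519 is a key-exchange curve rather than a signing curve, so ECDSA issuance and renewal would most likely fail with an unsupported-curve error. Keep `elliptic-curve = secp384r1` in both files. The key-exchange group list belongs in the `ssl_ecdh_curve` directive that the third hunk removes from ssl-ciphers.conf; if the intent is to rely on the OpenSSL default groups there, the commit message should say so.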