ChaCha20 error?

Hey. I want to use ChaCha20 Cipher, but when i want to use it with TLS 1.3 it gives me a Error.
ssl_session_cache shared:le_nginx_SSL:10m;
ssl_session_timeout 1440m;
ssl_session_tickets off;

ssl_protocols TLSv1.3;
ssl_ecdh_curve secp384r1;
ssl_ciphers TLS_CHACHA20_POLY1305_SHA256;
ssl_prefer_server_ciphers on;

is the nginx config which is included in my nginx/conf.d.

sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] SSL_CTX_set_cipher_list(“TLS_CHACHA20_POLY1305_SHA256”) failed (SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match)
nginx: configuration file /etc/nginx/nginx.conf test failed

openssl ciphers -v | grep TLS_CHACHA20_POLY1305_SHA256
TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD

1 Like

Seems to be a bug in OpenSSLnginx: https://github.com/openssl/openssl/issues/11564

1 Like