OpenSSL beta supports ChaCha20 and Poly1305

The current beta release of OpenSSL can do this.
But (of course) it will take decades until this lands in Debian (Stable). So I'd rather recommend you to compile it by yourself.

OpenSSL 1.1 was apparently planned to be released on May 12th according to this: OpenSSL Release Strategy.

I'm currently using the backported version of OpenSSL and it's simple to use/update and it's officially built.

yup that's what i do for nginx 1.11.* openssl 1.0.2h with cloudflare chacha20 patch or libressl 2.3.x branch for chacha20 native support

of course use openssl 1.0.2h and higher if you want nginx 1.11.x with dual ECDSA+RSA support too :slight_smile:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.