The current beta release of OpenSSL can do this.
But (of course) it will take decades until this lands in Debian (Stable). So I'd rather recommend you to compile it by yourself.
OpenSSL 1.1 was apparently planned to be released on May 12th according to this: OpenSSL Release Strategy.
I'm currently using the backported version of OpenSSL and it's simple to use/update and it's officially built.
yup that's what i do for nginx 1.11.* openssl 1.0.2h with cloudflare chacha20 patch https://github.com/cloudflare/sslconfig/tree/master/patches or libressl 2.3.x branch for chacha20 native support
of course use openssl 1.0.2h and higher if you want nginx 1.11.x with dual ECDSA+RSA support too https://community.centminmod.com/threads/nginx-1-11-0-introduces-dual-ecdsa-rsa-ssl-certificate-support.7449/ 
1 Like
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.