…bits for cipher suites that use ephemeral elliptic curve Diffie-Hellman (ECDHE) RFC8422 . Clients MUST accept DHE sizes of up to 4096 bits. Endpoints MAY treat negotiation of key sizes smaller than the lower limits as a connection error Section 5.4.1 of type INADEQUATE_SECURITY 9…

… by OpenSSL and be standardized for use in the TLS "supported groups" extension RFC8422 RFC8446 and RFC8447 ). Be sure to include at least "x25519" and "prime256v1" (the OpenSSL name for "secp256r1", a.k.a. "P-256"). The default list is suitable for most users. On the client side…

…bits for cipher suites that use ephemeral elliptic curve Diffie-Hellman (ECDHE) RFC8422 . Clients MUST accept DHE sizes of up to 4096 bits. Endpoints MAY treat negotiation of key sizes smaller than the lower limits as a connection error Section 5.4.1 of type INADEQUATE_SECURITY 9…