NGINX Docker built top of rolling release BoringSSL (SIMD x86_64-v4/aarch64/armv7)
Dockerfile
linksStable Release
docker.io/denji/nginx-boringssl:stable-alpine
- (Linux x86_64-v4)docker.io/denji/nginx-boringssl:stable-aarch64-alpine
- (Linux AArch64 - ARMv8)docker.io/denji/nginx-boringssl:stable-armv7-alpine
- (Linux ARMv7 - 32-bit)Mainline Release
docker.io/denji/nginx-boringssl:mainline-alpine
- (Linux x86_64-v4)docker.io/denji/nginx-boringssl:mainline-aarch64-alpine
- (Linux AArch64 - ARMv8)docker.io/denji/nginx-boringssl:mainline-armv7-alpine
- (Linux ARMv7 - 32-bit)This project is unstable state because of the rolling release BoringSSL, and modules.
.gz
files support enabled.br
files support (and configured).
secp384r1
(OpenSSL, LibreSSL) is P-384
(BoringSSL).
BoringSSL does support multiple curves with its implementation of SSL_CTX_set1_curves_list()
,
an example is provided in the default /etc/nginx/confssl_params
.
X25519
is actually the safest curve you can use so it should be the first curve in your list.|
like this : [cipher1|cipher2|cipher3]
.
Ciphers in a group are considered equivalent on the server-side and let the client decide which cipher is the best.
This can be useful when using ChaCha20, because AES remains faster than ChaCha20 on AES-NI devices.Wonderfall/boring-nginx