Dual SSL certificates (RSA + ECC)


#1

Hi,

Does Fastly support setting up dual certs when using the custom SSL cert hosting option?

I.e. serve the RSA cert to clients that don’t support the ECC cert? I think openssl 1.0.2 + 1.1.0 both support this.

If Fastly supports ECC certs in general, which EC curves does Fastly support? If only secp256r1, are there plans for x25519?

Thanks!


#2

Hello rlx01,

At this time, we only recognize RSA certs. I cannot say when we will support the ECC technology, however, when or if that happens, we will certainly advise you and the community via some public announcement. We usually do this through a blog post. Hopefully you are following us there also.

Please let us know if you have any further questions about TLS, or any other issue with respect to our service, we are always happy to help and advise.

Best regards,

Jeff Generao
TLS Implementation Lead, Fastly Customer Support