Does OpenSSL Support Curve25519? (Elliptic-Curve Cryptography Curve)


Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9

Issue

The elliptic-curve cryptography (ECC) curve "curve25519", which comes with domain controllers on Windows Server 2016, causes authentication issues between Red Hat Enterprise Linux servers and Active Directory.

Resolution

Currently, only Red Hat Enterprise Linux 8 and 9 support this feature.

Root Cause

X25519 is an elliptic-curve Diffie-Hellman key exchange using Curve25519. Support for it was added in OpenSSL 1.1.0. Red Hat Enterprise Linux 8 supports up to openssl-1.1.1, whereas Red Hat Enterprise Linux 7 only supports up to openssl-1.0.2, which predates X25519 support.
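To confirm whether the `openssl` binary on a given host can actually perform X25519, the following added example (not part of the original Red Hat solution) generates two throwaway key pairs and runs the exchange from both sides. The function name `x25519_check` and the party labels `a` and `b` are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: checks whether the local openssl binary can do X25519.
# Exit status: 0 = exchange worked (shared secret printed as hex),
#              1 = openssl rejected X25519 or the secrets differ,
#              2 = no openssl binary (or no temp directory) available.
x25519_check() {
    command -v openssl >/dev/null 2>&1 || return 2
    tmp=$(mktemp -d) || return 2

    # Throwaway key pairs for two constructed parties, "a" and "b".
    # On a build without X25519 support, genpkey fails here.
    for p in a b; do
        if ! openssl genpkey -algorithm X25519 -out "$tmp/$p.key" 2>/dev/null ||
           ! openssl pkey -in "$tmp/$p.key" -pubout -out "$tmp/$p.pub" 2>/dev/null
        then
            rm -rf "$tmp"
            return 1
        fi
    done

    # Each side derives the secret from its own private key and the
    # peer's public key; both results must be byte-for-byte identical.
    if ! openssl pkeyutl -derive -inkey "$tmp/a.key" -peerkey "$tmp/b.pub" \
             -out "$tmp/a.sec" 2>/dev/null ||
       ! openssl pkeyutl -derive -inkey "$tmp/b.key" -peerkey "$tmp/a.pub" \
             -out "$tmp/b.sec" 2>/dev/null ||
       ! cmp -s "$tmp/a.sec" "$tmp/b.sec"
    then
        rm -rf "$tmp"
        return 1
    fi

    # An X25519 shared secret is 32 bytes, printed here as 64 hex characters.
    od -An -tx1 "$tmp/a.sec" | tr -d ' \n'
    echo
    rm -rf "$tmp"
    return 0
}

x25519_check || echo "X25519 exchange not possible (exit status $?)"
```

Run `openssl version` alongside it to see which OpenSSL release produced the result.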

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
