PostgreSQL version:

ssl_ecdh_curve

Specifies the name of the curve to use in ECDH key exchange. It needs to be supported by all clients that connect. It does not need to be the same curve used by the server's Elliptic Curve key. This parameter can only be set in the postgresql.conf file or on the server command line. The default is prime256v1.

OpenSSL names for the most common curves are: prime256v1 (NIST P-256), secp384r1 (NIST P-384), secp521r1 (NIST P-521). The full list of available curves can be shown with the command openssl ecparam -list_curves. Not all of them are usable in TLS though.

Recommendations

According to your SSL configuration, which maybe provided by your installer.

At postgresqlCO.NF (OnGres) we value your privacy and treat all data very seriously. We're fully GDPR compliant, and we continuously monitor and improve our data storage, retention and compliance mechanisms.

This web page does not, however, store any PII (Personally Identifiable Information). The only service that stores any data is Google Analytics, and we use it to gather analytics of the web page.

This website contains some data from the official documentation of the PostgreSQL.org project, and from Annotated.Conf, used with permission.

If you have any question or concern about our terms of service or privacy policy, please contact us at dataprotection _at_ ongres _dot_ com.

OK