Policy

ECC Curve Order

Microsoft Windows

Back to SSL Configuration SettingsBack to main
ECC Curve Order
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Network > SSL Configuration Settings
Supported on
At least Windows Server 2016, Windows 10

Supported OS tags: Windows10, Windows10RT, Windows11, WindowsServer2016

This policy setting determines the priority order of ECC curves used with ECDHE cipher suites. If you enable this policy setting, ECC curves are prioritized in the order specified.(Enter one Curve name per line) If you disable or do not configure this policy setting, the default ECC curve order is used. Default Curve Order ============ curve25519 NistP256 NistP384 To See all the curves supported on the system, Use the following command: CertUtil.exe -DisplayEccCurve

Internal name
SSLCurveOrder
Policy ID
71d9c6fcb9fa
Elements
1

Registry values

How enabled and disabled states update the registry.

No explicit registry values are set for enabled or disabled states.

Policy elements

Inputs and configuration options exposed by this policy.

ScopeElementTypeRegistry mappingConstraints & behaviorCopy
Computer
ECC Curve Order:
ID SSLCurveOrderList
list
Path
SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002
Value name
EccCurves
Type
REG_MULTI_SZ
None
ECC Curve Order:
Computer · Type list
Registry mapping
Path
SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002
Value name
EccCurves
Type
REG_MULTI_SZ
DetailsNone