BoringSSL

Is PQC enabled? — quick check

Inside the embedding app (Chrome example)

# Visit chrome://flags#enable-tls13-kyber  (renamed enable-tls13-mlkem in newer Chrome)
# Then open https://checkpqc.app/

Expected when PQC is ON

Flag state: Default or Enabled
checkpqc.app verdict: HYBRID_ENABLED

What you'll see when PQC is OFF

Flag state: Disabled
checkpqc.app verdict: CLASSICAL_ONLY

BoringSSL is not installed by end users. It ships inside a host application, so you verify PQC support through that application.

BoringSSL is Google's fork of OpenSSL. It powers Chrome, Cronet, Envoy, gRPC, and many internal Google products. It added the draft hybrid group X25519Kyber768Draft00 in 2023 and the standardized X25519MLKEM768 in 2024.

Default behavior

Recent BoringSSL builds enable X25519MLKEM768 by default in the TLS 1.3 group list. If you embed BoringSSL you don't need to do anything to negotiate hybrid PQC with a capable peer.

Force or restrict groups

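Use SSL_CTX_set1_groups_list, which takes a colon-separated list of group names:

/* Returns 1 on success and 0 on failure; check the result before using ctx. */
SSL_CTX_set1_groups_list(ctx,
  "X25519MLKEM768:X25519:P-256:P-384");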

Envoy

Envoy uses BoringSSL under the hood. Configure groups via the ecdh_curves field of the listener's tls_params:

tls_params:
  tls_minimum_protocol_version: TLSv1_2
  tls_maximum_protocol_version: TLSv1_3
  ecdh_curves: ["X25519MLKEM768", "X25519", "P-256"]

Verify

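# Needs an OpenSSL build that knows X25519MLKEM768 (OpenSSL 3.5 or later,
# or an older build with a provider that adds the group).
if ! command -v openssl >/dev/null 2>&1; then
  echo 'OpenSSL was not found.'
  printf 'Install OpenSSL now? [y/N] '; read -r answer
  case "$answer" in [Yy]*) sudo apt-get update && sudo apt-get install -y openssl ;; *) exit 1 ;; esac
fi
# Only the hybrid group is offered: a real cipher name means the server
# negotiated it; "Cipher is (NONE)" or an alert means it did not.
openssl s_client -connect example.com:443 -tls1_3 \
  -groups X25519MLKEM768 </dev/null 2>&1 | grep "Cipher is\|alert"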
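
An added example, not part of the original page or of BoringSSL: it turns the s_client probe above into the page's two verdicts by also probing with classical groups, and treats "Cipher is (NONE)" as a failed handshake. The function names, the UNKNOWN verdict and the sample outputs are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify a server from two `openssl s_client` probes.
# Sample outputs at the bottom are constructed and abbreviated, not captures.

# handshake_state: reads s_client output on stdin and prints
#   ok       - a real cipher was negotiated
#   failed   - "Cipher is (NONE)": the handshake was rejected
#   no-probe - no "Cipher is" line at all (no connection, or the local
#              openssl rejected the -groups value before connecting)
handshake_state() {
  awk '
    /Cipher is/ { seen = 1; if ($0 !~ /\(NONE\)/) ok = 1 }
    END {
      if (ok) { print "ok" } else if (seen) { print "failed" } else { print "no-probe" }
    }'
}

# pqc_verdict HYBRID_OUTPUT CLASSICAL_OUTPUT
# HYBRID_ENABLED and CLASSICAL_ONLY follow the page's verdict names;
# UNKNOWN is an assumption of this example for inconclusive probes.
pqc_verdict() {
  hybrid=$(printf '%s\n' "$1" | handshake_state)
  classical=$(printf '%s\n' "$2" | handshake_state)
  case "$hybrid:$classical" in
    ok:*)      echo HYBRID_ENABLED ;;
    failed:ok) echo CLASSICAL_ONLY ;;
    *)         echo UNKNOWN ;;
  esac
}

# probe HOST:PORT GROUPS  (live use; needs network and a capable openssl)
probe() {
  openssl s_client -connect "$1" -tls1_3 -groups "$2" </dev/null 2>&1
}
# Live use:
#   pqc_verdict "$(probe example.com:443 X25519MLKEM768)" \
#               "$(probe example.com:443 X25519:P-256)"

# Constructed sample outputs for offline runs.
SAMPLE_OK='CONNECTED(00000003)
New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256'
SAMPLE_FAIL='CONNECTED(00000003)
... alert handshake failure ...
New, (NONE), Cipher is (NONE)'
SAMPLE_NOPROBE='(constructed) group name not recognised by local openssl'
```

An UNKNOWN verdict with a no-probe hybrid result usually points at the local openssl build rather than at the server.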
