At DEF CON 33, Konstantinos Karagiannis argued that usable quantum capabilities could arrive much sooner than many expect. Regardless of the exact date, agencies such as NIST, NSA, and CISA advise beginning PQC migrations now to mitigate the “harvest now, decrypt later” (HNDL) risk.
Like many open-source projects, NGINX relies on the OpenSSL library for TLS support. With the April 2025 release of OpenSSL 3.5, several NIST-approved PQC algorithms are enabled by default. This means that if you want PQC enabled in your open-source NGINX instance, you must ensure that NGINX has been compiled with a ≥3.5 version of OpenSSL.
In practice, that means the same version of NGINX will have PQC on one distribution release but not on another.
Given that OpenSSL 3.5 was released earlier in 2025, the Linux distro landscape only has a few options containing a ≥3.5 version.
| Distribution/Release | OpenSSL Version Shipped | PQC Available? | Notes |
| --- | --- | --- | --- |
| Debian 13 “Trixie” | 3.5.x | ✅ | Current stable release |
| Debian 12 “Bookworm” | 3.0.x | ❌ | Current oldstable release |
| Alpine Linux 3.22 | 3.5.x | ✅ | Latest Alpine release |
| Alpine Linux 3.21 | 3.3.x | ❌ | Previous Alpine release |
| Ubuntu 24.04 (LTS) | 3.0.x | ❌ | Current LTS |
| Alma/Rocky/RHEL 10 | 3.2.x | ❌ | Latest Red Hat family release |
This affects NGINX whether you use the version supplied by the Linux distro, the F5 NGINX official packages, or the official Docker container images because each is built with the OpenSSL version available on that platform.
To confirm the OpenSSL version that NGINX was compiled with, use the nginx -V command:
Debian 12 Bookworm uses OpenSSL 3.0:
$ nginx -V
nginx version: nginx/1.29.3
built by gcc 12.2.0 (Debian 12.2.0-14+deb12u1)
built with OpenSSL 3.0.16 11 Feb 2025 (running with OpenSSL 3.0.17 1 Jul 2025)
TLS SNI support enabled
...
Debian 13 Trixie uses OpenSSL 3.5:
$ nginx -V
nginx version: nginx/1.29.3
built by gcc 14.2.0 (Debian 14.2.0-19)
built with OpenSSL 3.5.1 1 Jul 2025
TLS SNI support enabled
...
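The check above can be scripted across a fleet. The following is an added example, not code from F5 or the NGINX project; the function names are hypothetical, and it assumes that when nginx -V reports a "running with" version, that runtime library is the one that determines PQC availability.

```shell
#!/bin/sh
# Added example, not F5/NGINX code: classify `nginx -V` text read from stdin.

# Print the effective OpenSSL version: the "running with" version when NGINX
# reports one, otherwise the "built with" version. Prints nothing when the
# build uses another TLS library.
effective_openssl_version() {
    awk '/^built with OpenSSL / {
        ver = $4
        for (i = 5; i + 3 <= NF; i++)
            if ($i == "(running" && $(i + 1) == "with" && $(i + 2) == "OpenSSL")
                ver = $(i + 3)
        print ver
        exit
    }'
}

# Return 0 if version $1 is >= 3.5, 1 if older, 2 if it cannot be parsed.
openssl_at_least_3_5() {
    case "$1" in [0-9]*.[0-9]*) ;; *) return 2 ;; esac
    major=${1%%.*}
    minor=${1#*.}
    minor=${minor%%[!0-9]*}            # "5.1" -> "5", "1.1w" -> "1"
    case "$major" in *[!0-9]*) return 2 ;; esac
    [ -n "$minor" ] || return 2
    [ "$major" -gt 3 ] && return 0
    [ "$major" -eq 3 ] && [ "$minor" -ge 5 ] && return 0
    return 1
}

# Print "pqc-capable <ver>", "no-pqc <ver>" or "unknown".
nginx_pqc_status() {
    ver=$(effective_openssl_version)
    rc=0
    openssl_at_least_3_5 "$ver" || rc=$?
    case $rc in
        0) echo "pqc-capable $ver" ;;
        1) echo "no-pqc $ver" ;;
        *) echo "unknown" ;;
    esac
}

# The two "built with" lines from the nginx -V output shown in the article.
bookworm='built with OpenSSL 3.0.16 11 Feb 2025 (running with OpenSSL 3.0.17 1 Jul 2025)'
trixie='built with OpenSSL 3.5.1 1 Jul 2025'
printf '%s\n' "$bookworm" | nginx_pqc_status   # no-pqc 3.0.17
printf '%s\n' "$trixie" | nginx_pqc_status     # pqc-capable 3.5.1
# Live use (nginx -V writes to stderr): nginx -V 2>&1 | nginx_pqc_status
```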
NGINX Kubernetes Solutions
F5 NGINX Ingress Controller
This discrepancy in PQC availability equally applies to the current open-source release of F5 NGINX Ingress Controller (5.2.1). The default image is based on Debian 12, which does not have PQC available – although Debian 13 support is expected in the upcoming release. However, choosing the Alpine image (based on Alpine 3.22) will enable PQC support immediately.
If you’ve migrated to open-source F5 NGINX Ingress due to the recent community Ingress NGINX retirement announcement, welcome! Deploying a PQC-ready F5 NGINX Ingress version can be achieved easily via Helm. It simply involves updating the image tag of the Helm values.yaml file.
# F5 NGINX Ingress values.yaml
# Select the Alpine-based tag
controller:
  image:
    repository: nginx/nginx-ingress
    tag: 5.2.1-alpine
F5 NGINX Gateway Fabric
The current release of F5 NGINX Gateway Fabric (2.2.1) is based on Alpine 3.22. If running the latest release, then you are already PQC-enabled.
Once you have an NGINX build that uses OpenSSL ≥3.5, you can validate that PQC key exchange is enabled with a quick OpenSSL CLI test. Note that this test succeeds only if both the client and the server run a PQC-enabled OpenSSL.
# Instruct OpenSSL CLI to connect with a hybrid PQC key exchange group
$ openssl s_client -groups "X25519MLKEM768" -tls1_3 -connect community.f5.com:443 2>/dev/null
Negotiated TLS1.3 group: X25519MLKEM768
Build It Yourself
Being open-source, users have always been able to compile NGINX themselves. See our documentation on compiling NGINX from source (https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#sources) and ensure that you select a ≥3.5 release of OpenSSL.

