Support for wolfSSL is implemented and maintained by wolfSSL Inc. The support is implemented using wolfSSL's compatibility layer. The wolfSSL support in OpenVPN receives very limited testing/support from the OpenVPN community itself. If bugs in OpenVPN when using wolfSSL are encountered, the user should try to also compile OpenVPN with OpenSSL to determine if these are bugs in the wolfSSL TLS implementation or OpenVPN itself. If bugs are caused by compiling with wolfSSL, please contact support@wolfssl.com directly. To Build and Install, ./configure --with-crypto-library=wolfssl make make install The wolfSSL library will include the installed options.h file by default. To include a custom user_settings.h file for wolfSSL, ./configure --with-crypto-library=wolfssl --disable-wolfssl-options-h make make install ************************************************************************* Due to limitations in the wolfSSL TLS library or its compatibility layer, the following features are missing * blowfish support (BF-CBC), you must use something like cipher AES-128-CBC to avoid trying to use BF-CBC * Windows CryptoAPI support ************************************************************************* To build WolfSSL with post-quantum KEMs built in, the following command is used: ./configure --enable-openvpn --enable-kyber=all --enable-curve25519 WolfSSL supports the following post-quantum KEMs and post-quantum hybrid KEMs which must be specified using the tls-groups option in an OpenVPN config. Unlike OpenSSL, which includes X25519MLKEM768 in the default config, WolfSSL requires explicit configuration of tls-groups to include at least one post-quantum KEM. ML_KEM_512 ML_KEM_768 ML_KEM_1024 P256_ML_KEM_512 X25519_ML_KEM_512 P384_ML_KEM_768 P256_ML_KEM_768 X448_ML_KEM_768 X25519_ML_KEM_768 P384_ML_KEM_1024 P521_ML_KEM_1024 The naming conventions of algorithms differ between WolfSSL and OpenSSL. An example is that OpenSSL omits underscores for their naming notation whereas WolfSSL expects them. Additionally, OpenSSL does not accept the P curve notation and instead uses the equivalent secp notation. A specific example is that WolfSSL expects P384_ML_KEM_1024, while OpenSSL expects secp384r1MLKEM1024.