diff --git a/cmd/keymasterd/app.go b/cmd/keymasterd/app.go
index d51ee44..c6c9354 100644
--- a/cmd/keymasterd/app.go
+++ b/cmd/keymasterd/app.go
@@ -1945,7 +1945,7 @@ func main() {
 		ClientAuth:               tls.VerifyClientCertIfGiven,
 		GetCertificate:           runtimeState.certManager.GetCertificate,
 		MinVersion:               tls.VersionTLS12,
-		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256, tls.X25519},
 		PreferServerCipherSuites: true,
 		CipherSuites: []uint16{
 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
@@ -2014,7 +2014,7 @@ func main() {
 		ClientAuth:               tls.VerifyClientCertIfGiven,
 		GetCertificate:           runtimeState.certManager.GetCertificate,
 		MinVersion:               tls.VersionTLS12,
-		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256, tls.X25519},
 		PreferServerCipherSuites: true,
 		CipherSuites: []uint16{
 			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,