Using custom DH Param in Nginx
Generate DH Param using openssl:
openssl dhparam -out dhparam.pem 2048
This might take a while to complete depending on the length of the key.
In most cases, 2048 is enough and you do not want to use 1024. You may use a key length higher than 2048, such as 4096, but note that there is a computation cost for longer key length.
Next configure nginx to use it for key exchange:
ssl_dhparam /path/to/dhparam.pem;Finally restart your nginx server.
AI Summary
Chrome On-device AI
2025-01-15 19:37:50
Share Article