Dear all,
When configuring nginx with intermediate configuration, the comments about dhparameters says:
# curl https://ssl-config.mozilla.org/ffdhe2048.txt > /path/to/dhparam.pem
ssl_dhparam /path/to/dhparam.pem;
IMO it is more appropriated to use a dynamic dh generated parameters, such as:
# openssl dhparam -out /path/to/dhparam.pem 2048
ssl_dhparam /path/to/dhparam.pem;
This would be more secure as well as keep it simple.
Regards, italo
Dear all,
When configuring nginx with intermediate configuration, the comments about dhparameters says:
IMO it is more appropriated to use a dynamic dh generated parameters, such as:
This would be more secure as well as keep it simple.
Regards, italo