Scroll to navigation

MKDHPARAMS(8) Double Precision, Inc. MKDHPARAMS(8)

NAME

mkdhparams - create DH parameter file

SYNOPSIS

/usr/sbin/mkdhparams

DESCRIPTION

This script creates new DH parameters and saves them in /etc/ssl/private/dhparams.pem. If this file already exists and it's less than 25 days old, the script returns immediately. If this file is over 25 days old, new DH parameters get generated and the file gets replaced.

This script is intended to be execute when the system boots, or from a monthly cron job.

FILES

/etc/ssl/private/dhparams.pem

DH Parameter file.

ENVIRONMENT VARIABLES

BITS

Customize the DH parameter bit size. The default value depends on whether this script uses OpenSSL or GnuTLS libraries. For OpenSSL the default number of bits is 2048. GnuTLS uses a security level setting, rather than the number of bits, and the default security level is "high".


Note

It make take several minutes to generate new DH parameters with the default strength.

SEE ALSO

courier(8)[1]

AUTHOR

Sam Varshavchik

Author

NOTES

1.
courier(8)
11/04/2020 Courier Mail Server