nginx and ephemeral Diffie-Hellman keys
Jauder Ho
lists at ruby-forum.com
Fri Jun 13 15:52:35 MSD 2008
Igor,
Thanks much! I just applied the patch (to 0.7.1) and tried it out. The
patch works as expected and supports both strong prime and DSA style DH
keys.
For the record, the DH keys were generated with the following commands
(with the dsaparam being more efficient but less secure. see dhparam man
page).
openssl dhparam -out dh1024.pem -5 1024
openssl dhparam -dsaparam -out dh1024dsa.pem -5 1024
--Jauder
Igor Sysoev wrote:
>
> nginx does not support DH keys.
> The attached patch adds ssl_dhparam directive:
>
> ssl_dhparam /path/to/PEM_DHparam;
--
Posted via http://www.ruby-forum.com/.
More information about the nginx
mailing list