[openssl-users] A question DH parameter generation and usage

Jayalakshmi bhat bhat.jayalakshmi at gmail.com
Wed Dec 6 06:02:12 UTC 2017


We are planning to use DHE_RSA TLS ciphers into our product. I have few
questions on using DH parameter. We would like to use DH-2048.

our product includes both TLS client and server applications. Thus any time
there will be considerable number of active connectioons.

I believe we can use same DH parameter for all the server connections. Is
my understanding correct? Is there any risk in using same parameter for all
the server connections.

Another question is what is guidelines/document should be followed to
derive DH parameter.

Any input is appreciated.

Thanks and Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171205/d0b6e9ec/attachment.html>

More information about the openssl-users mailing list