SSL Server setup DH/ECDH
Matt Caswell
matt at openssl.org
Tue Aug 6 10:11:46 UTC 2019
On 06/08/2019 11:07, Chitrang Srivastava wrote:
> Thanks Matt,
>
> So now I have, which I believe is enough?
>
> SSL_CTX_set_options(s_ctx, SSL_OP_NO_RENEGOTIATION |
> SSL_OP_CIPHER_SERVER_PREFERENCE);
> SSL_CTX_set_min_proto_version(s_ctx, TLS1_2_VERSION);
This is fine although it obviously prevents connections from very old clients
that don't support TLSv1.2. This might not be a problem for you depending on
your situation.
Matt
>
> On Tue, Aug 6, 2019 at 3:04 PM Matt Caswell <matt at openssl.org
> <mailto:matt at openssl.org>> wrote:
>
>
>
> On 06/08/2019 09:42, Chitrang Srivastava wrote:
> > Hi,
> >
> > I am implementing an HTTPS server using openssl 1.1.1b.
> > Is it mandatory to set up these APIs while creating the ssl context?
> >
> > SSL_CTX_set_tmp_ecdh
> >
> > SSL_CTX_set_tmp_dh
>
> By default OpenSSL will automatically use ECDH if appropriate and choose a
> suitable group so there is no need to call SSL_CTX_set_tmp_ecdh() unless you
> want more control over which specific group is used.
>
> OpenSSL will not use DH unless you specifically configure it. If you want to
> make use of DH based ciphersuites then you must either call SSL_CTX_set_tmp_dh()
> or SSL_CTX_set_dh_auto() (or the SSL_* equivalents). Calling the former enables
> you to configure any arbitrary DH group that you choose. Calling the latter will
> enable the built-in DH groups.
>
> It is not mandatory to call any of the above.
>
> >
> > Also any suggestion what all options one should set while setting up
> server like
> > SSL_CTX_set_options like SSL_OP_NO_SSLv2 |SSL_OP_NO_SSLv3
>
> Don't use the protocol version specific options at all. Use
> SSL_CTX_set_min_proto_version() if you want to specify a minimum protocol
> version. SSLv2 is no longer supported at all. SSLv3 is compiled out by default.
>
> Other options that are worth considering are SSL_OP_NO_RENEGOTIATION and
> (possibly) SSL_OP_CIPHER_SERVER_PREFERENCE. Generally you don't need the others
> unless there is a specific problem you are trying to solve.
>
> Matt
>