DH parameter reading in OPENSSL 3
openssl-users at dukhovni.org
Wed Jul 13 15:44:08 UTC 2022
On Wed, Jul 13, 2022 at 04:35:42PM +0200, Dirk Stöcker wrote:
> when upgrading to openssl3 my code states that some functions are
> deprecated in openssl 3, but even after reading documentation I was
> unable to find a non-deprecated replacement.
> Now it seems the default can be replaced by
> SSL_CTX_set_dh_auto(context, 1);
This is preferred over all explicit parameter choices, as it allows the
server and client to negotiate a common known-strong group.
More information about the openssl-users