tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 56108] Allow user-defined Diffie-Hellman parameters (secure DH-Cipher)
Date Sat, 23 May 2015 15:41:35 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=56108

--- Comment #3 from Rainer Jung <rainer.jung@kippdata.de> ---
I have ported the current mod_ssl code from httpd to tcnative with the
following features:

- by default use the same size for DH as the key used in the certificate. So
certificate strength reflects in key exchange strengths.

- optionally you can generate your own DH params using "opsnssl dhparam" and
add them into the certificate file. We will find the data there automatically
(if present) and use these params instead.

A docs update will follow soon.

I guess with these improvements we can fix this issue here as soon as the next
tcnative 1.1.34 gets released.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message