Site icon My Blog

Creating DH Parameters

By default DH Parameters are just 1024bits in Ubuntu 12.04.5 LTS which is considered weak by todays standards.
You will need to create a new one of either 2048Bit or 4096Bit depending on your certificates public key size.

1. Create a folder to hold the dhparams…

2. Move to that directory

3. Create the new DH Parameters, at 2048Bit

And 4096Bit (this will take some time)

5. You can also create DSA versions, at 2048Bit…

And 4096Bit

Now you can add the directives to your servers, Courier-Imap, Dovecot, Nginx and Postfix.

Courier-Imap

Dovecot (creates it’s own)

Nginx

Postfix

Enjoy!

Exit mobile version