WH | it system administration

winnis knowledge base

kb

OpenSSL strong DHparam key in Ubuntu and Nginx

winni

#Generate DH Key

#/etc/ssl/ is the directory of default certificates thats why i used this directory

#this process can take some time (from minutes to hours!)

sudo openssl dhparam -out /etc/ssl/private/dhparams_4096.pem 4096

#Set the DH key Permissions

sudo chmod 640 /etc/ssl/private/dhparams_4096.pem
sudo chown root:root /etc/ssl/private/dhparams_4096.pem

#Add following line in NGINX config at /etc/nginx/nginx.com in http section

ssl_dhparam /etc/ssl/private/dhparams_4096.pem;

You May Also Like

SSLLabs 100% in all sections Ubuntu Nginx and LetsEncrypt

winni

Centos | Decrease a LVM partition

winni

Centos 7 | Install and setup samba server ( file sharing)

winni