Who is Diffie Hellman

What is a Diffie Hellman Key?

DH Key exchange

DH Params

You should also specify your own Diffie-Hellman (DH) key exchange parameters. What you should know about it is that it is a protocol which allows two parties to negotiate a secret without ever putting that secret on the wire. It is pretty impressive piece of “artwork”.

Tell nginx to use DH params:


You can use openssl dhparam to generate parameters:

 

Generate DH parameters with at least 2048 bits. If you use 4096 bits for your TLS certificate you should match it in DH parameters too.

Lees meer;
https://www.ietf.org/rfc/rfc5114

Peter-Paul Rijsdijk

Peter-Paul Rijsdijk

Eigenaar Webstijlen / WordPress en Webhosting expert Vragen? 0643873811 / peterpaul@webstijlen.nl