[gnutls-help] dh parameters
gregs at sloop.net
Wed Aug 28 07:39:49 CEST 2019
For some applications - say OpenVPN servers - I need a dh.pem [dh parameters file]
It looks like GNUTLS doesn't have the option to generate dh params like OpenSSL does, but has the following as a option:
certtool --get-dh-params --outfile dh.pem --sec-param ultra
1) Will that ^^ do what I want?
2) So, is there any difference between that and the openssl command to generate dh params?
openssl dhparam -out /config/auth/dh.pem 4096
3) If the certtool example above isn't adequate, is there a good way to accomplish what I want in certtool, or otherwise?
4) Can someone point me to something that might be accessible to a mere mortal [i.e. non-cryptographer] for explanation? :)
#1 and 3 are the most important for me to get answers to.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-help