[gnutls-help] dh parameters
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Sep 17 15:45:45 CEST 2019
On Wed, Aug 28, 2019 at 7:56 AM Gregory Sloop <gregs at sloop.net> wrote:
>
> For some applications - say OpenVPN servers - I need a dh.pem [dh parameters file]
> It looks like GNUTLS doesn't have the option to generate dh params like OpenSSL does, but has the following as a option:
> certtool --get-dh-params --outfile dh.pem --sec-param ultra
>
> 1) Will that ^^ do what I want?
Yes it will do what you want. Though you can always generate DH
parameters with --generate-dh-params. There is no reason to however,
more background in:
https://www.gnutls.org/manual/html_node/Parameter-generation.html
regards,
Nikos
More information about the Gnutls-help
mailing list