[gnutls-help] dh parameters

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Sep 17 15:45:45 CEST 2019

On Wed, Aug 28, 2019 at 7:56 AM Gregory Sloop <gregs at sloop.net> wrote:
> For some applications - say OpenVPN servers - I need a dh.pem [dh parameters file]
> It looks like GNUTLS doesn't have the option to generate dh params like OpenSSL does, but has the following as a option:
> certtool --get-dh-params --outfile dh.pem --sec-param ultra
> 1) Will that ^^ do what I want?

Yes it will do what you want. Though you can always generate DH
parameters with --generate-dh-params. There is no reason to however,
more background in:


More information about the Gnutls-help mailing list