[Bug 57984] Patch to add user-specified Diffie-Hellman parameters to Apache 2.2.29

[bu...@apache.org]

https://bz.apache.org/bugzilla/show_bug.cgi?id=57984

--- Comment #1 from Rainer Jung <ra...@kippdata.de> ---
The original approach in BZ 49559 was not the one actually implemented in
2.4.x. In 2.4 starting with 2.4.7, first of all the strength of the default DH
params are derived from the strength of the certificate file. So if for example
the certificate uses a 2048 bit key, then httpd will automatically also choose
(standard) 2048 bit parameters for the ephemeral DH key exchange.

Furthermore you can generate custom params like in your approach, but instead
of putting them into a seperate file you configure with a new directive, you
just append the params to the first configured certificate file.

This approach has been backported to 2.2.x and will be part of 2.2.30.

You can test it by building a current (non-released) 2.2.x trunk or by applying
r1680916 (svn.apache.org/r1680916). Feedback on our approach is welcome. As
said it works the same way as a current 2.4 version.

The official release of 2.2.30 should not be too far in the future, but it has
not yet been tagged.

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org