On 27 May 2019 23:41 @lbutlr via dovecot < dovecot@dovecot.org> wrote:

Does ssl_dh need to be manually updated each time the underlying certificate renews?

--

2+2=5 for sufficiently large values of 2.

I'd say no. It might be a good idea to occasionally generate new one, or you could try just disabling non-ec dh algorithms.

---
Aki Tuomi