On 27 May 2019 23:41 @lbutlr via dovecot < dovecot@dovecot.org> wrote:


Does ssl_dh need to be manually updated each time the underlying certificate renews?

--
2+2=5 for sufficiently large values of 2.

I'd say no. It might be a good idea to occasionally generate new one, or you could try just disabling non-ec dh algorithms.
---
Aki Tuomi