ssl_dh
sergio
sergio at outerface.net
Sat Mar 16 12:50:26 EET 2019
https://wiki.dovecot.org/SSL/DovecotConfiguration says:
"Since v2.3.3+ Diffie-Hellman parameters have been made optional, and
you are encouraged to disable non-ECC DH algorithms completely."
and a bit later:
"From version 2.3, you must specify path to DH parameters file using
ssl_dh=</path/to/dh.pem"
So.
1. Is ssl_dh an optional or a must?
2. I've disabled ssl_dh in my config. Dovecot works fine except it shows
warnings:
doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
doveconf: Warning: You can generate it with: dd ...
I'm using dovecot version 2.3.4.1-1~bpo9+1 from debian stretch-backports
--
sergio.
More information about the dovecot
mailing list