ECDH – Elliptic Curve Diffie-Hellman

image_print

Generate 4096 bit DH key

openssl dhparam -out /etc/ssl/certs/dhparams.pem 4096 

Apache configuration

SSLEngine on
SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparams.pem"
SSLOpenSSLConfCmd ECDHParameters secp384r1
SSLOpenSSLConfCmd Curves secp521r1:secp384r1

See also