Skip to content

Commit be10796

Browse files
authored
update key length , speed up dhparam generation
1 parent 3cbc541 commit be10796

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

generate-dhparam.sh

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
#!/bin/bash -e
22

3-
# The first argument is the bit depth of the dhparam, or 2048 if unspecified
4-
DHPARAM_BITS=${1:-2048}
3+
# The first argument is the bit depth of the dhparam, or 4096 if unspecified
4+
DHPARAM_BITS=${1:-4096}
55
GENERATE_DHPARAM=${2:-true}
66

77
# If a dhparam file is not available, use the pre-generated one and generate a new one in the background.
@@ -43,7 +43,7 @@ touch $GEN_LOCKFILE
4343
# Generate a new dhparam in the background in a low priority and reload nginx when finished (grep removes the progress indicator).
4444
(
4545
(
46-
nice -n +5 openssl dhparam -out $DHPARAM_FILE.tmp $DHPARAM_BITS 2>&1 \
46+
nice -n +5 openssl dhparam -dsaparam -out $DHPARAM_FILE.tmp $DHPARAM_BITS 2>&1 \
4747
&& mv $DHPARAM_FILE.tmp $DHPARAM_FILE \
4848
&& echo "dhparam generation complete, reloading nginx" \
4949
&& nginx -s reload

0 commit comments

Comments
 (0)