Skip to content
Commit e4589582 authored by Bodo Möller's avatar Bodo Möller
Browse files

Always use fixed DH parameters created with 'dhparam -C',

don't dynamically create them.  This allows using ssltest
for approximate performance comparisons:
   $ time ./ssltest -num 50 -tls1 -cert ../apps/server2.pem \
     [-no_dhe|-dhe1024dsa|-dhe1024]
(server2.pem contains a 1024 bit RSA key, the default has only
512 bits.) Note that these timings contain both the server's and
the client's computations, they are not a good indicator for
server workload in different configurations.
parent ce301b6b
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment