Hello,
I am on Postfix 3.4.23. I currently have this in my main.cf:
smtpd_tls_dh1024_param_file = /etc/ssl/private/dh/dh2048.pem
smtpd_tls_dh512_param_file = /etc/ssl/private/dh/dh512.pem
now I read that Postfix already includes a high-quality 2048-bit prime
by default (despite the name dh1024), and that 512 should not be used at all
is there any advantage using my own generated dh2048.pem ?
or should I remove both lines from main.cf ?
or only the 512 key?
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
