On 29 Apr, Shawn Heisey wrote:
> I know that a fresh install can be instantly operational with TLS,
> suggesting that it is not generating them on the fly ... so I really wonder
> how secure the default params are. I wonder what is being used when there
> are no params in the cert file. Does it
On 4/29/22 12:42, Branitsky, Norman wrote:
If you include the following in your HAProxy configuration global
section you don't need to include DH Params in the certificate:
tune.ssl.default-dh-param 2048
It takes several minutes to generate params, so I doubt that with that
option that
On 4/29/22 11:16, Henning Svane wrote:
I have tried to build a PEM Certificate, but with no luck.
What should it include and in which order?
I use certs issued by LetsEncrypt.
My certificate file that I use for haproxy and most other software doing
TLS has four PEM-encoded items in it:
3 matches
Mail list logo
