On Tue, May 5, 2015 at 3:14 PM, Yann Ylavic <ylavic....@gmail.com> wrote:
>
>   *) mod_ssl: Improve handling of ephemeral DH and ECDH keys by
>      allowing custom parameters to be configured via SSLCertificateFile,
>      and by adding standardized DH parameters for 1024/2048/3072/4096 bits.
>      Unless custom parameters are configured, the standardized parameters
>      are applied based on the certificate's RSA/DSA key size. [Kaspar Brand]

I forgot to mention that this might potentially break some clients
(Java 7 and earlier only?), as noted in the docs/faq changes.
These expect 1024-bit DH prime lengths whatever the
certificate's modulus length is...
Should we have a special (2.2.x only?) directive to help mitigate the
possible regression (e.g. to force 1024 primes max only, default?), or
is the documented workaround enough (i.e. add dhparams in the
configured SSLCertificateFile)?

BTW, I proposed [1] for backport in r1678107, having tested the patch
successfully for [E[C]]DH, with certificates (modulus) >= 1024 bits,
and OpenSSL versions 0.9.7a, 0.9.8o, 1.0.1m and 1.0.2a.

[1] http://people.apache.org/~ylavic/httpd-2.2.x-mod_ssl-improved_EDH.patch
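As an added example (not from this thread or from httpd's own code): a small Python check that scans an SSLCertificateFile for the DH PARAMETERS block mod_ssl loads as custom parameters and reports the prime length, which is what the Java 7 clients mentioned above are sensitive to. The sample file, its certificate block and its DH modulus are constructed placeholders, not a usable DH group.

```python
"""Report the DH prime length carried in an SSLCertificateFile (PKCS#3 DHParameter PEM)."""
import base64
import re

# PEM block mod_ssl reads (via PEM_read_bio_DHparams) when custom DH params are
# appended to SSLCertificateFile.
_DH_BLOCK = re.compile(r"-----BEGIN DH PARAMETERS-----(.*?)-----END DH PARAMETERS-----", re.S)

def _der_tlv(buf, pos):
    """Decode one DER tag/length/value at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = count of length bytes
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length

def dh_prime_bits(pem_text):
    """Bit length of p for every DH PARAMETERS block in pem_text ([] if none).
    DHParameter ::= SEQUENCE { INTEGER p, INTEGER g, ... }; > 1024 breaks Java <= 7."""
    result = []
    for m in _DH_BLOCK.finditer(pem_text):
        der = base64.b64decode("".join(m.group(1).split()))
        tag, seq, _ = _der_tlv(der, 0)
        if tag != 0x30:
            raise ValueError("DH PARAMETERS block is not a DER SEQUENCE")
        tag, p_bytes, _ = _der_tlv(seq, 0)
        if tag != 0x02:
            raise ValueError("first element of DHParameter is not INTEGER p")
        result.append(int.from_bytes(p_bytes, "big").bit_length())
    return result

def _der_len(length):
    if length < 0x80:
        return bytes([length])
    lb = length.to_bytes((length.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(lb)]) + lb

def _der_int(n):
    body = n.to_bytes((n.bit_length() + 8) // 8, "big")  # spare byte keeps sign bit clear
    return b"\x02" + _der_len(len(body)) + body

def make_dh_params_pem(p, g=2):
    """Constructed fixture: PEM-encode DHParameter { p, g } the way openssl dhparam writes it."""
    body = _der_int(p) + _der_int(g)
    b64 = base64.b64encode(b"\x30" + _der_len(len(body)) + body).decode()
    lines = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN DH PARAMETERS-----\n{lines}\n-----END DH PARAMETERS-----\n"

# Constructed SSLCertificateFile: placeholder cert block plus 1024-bit DH params.
# 2**1023 + 1 is only a size stand-in, not a real DH prime.
SAMPLE_SSL_CERTIFICATE_FILE = (
    "-----BEGIN CERTIFICATE-----\n(constructed placeholder, not a certificate)\n"
    "-----END CERTIFICATE-----\n" + make_dh_params_pem(2**1023 + 1))
```

Run `dh_prime_bits(open("server.pem").read())` against a real SSLCertificateFile; an empty list means mod_ssl falls back to the standardized parameters chosen from the certificate's key size.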
