Hello I would like to avoid using common Diffie Hellman primes in order to improve the security during key exchange, I tried to follow these steps: https://weakdh.org/sysadmin.html
I know how to exclude some cipher suites: https://www.eclipse.org/jetty/javadoc/jetty-11/org/eclipse/jetty/util/ssl/SslContextFactory.html#addExcludeCipherSuites(java.lang.String...) However, I haven't found a way of telling Jetty to use new DH parameters generated with "openssl dhparam -out dhparams.pem 2048". Where can I cleanly override that? Best regards.
_______________________________________________ jetty-users mailing list jetty-users@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/jetty-users
