On Thu, May 19, 2011 at 12:42:57AM +0200, Gilles Chehade wrote:
> smtpd is just telling you that you did not generate Diffie-Hellman
> parameters [see smtpd.conf(5) / starttls(8)], and that it will use
> its own builtin parameters.
>
> It is safe to ignore the message, but it is safer to actually take
> the time to generate your very own parameters. We don't do it when
> booting or starting smtpd for the first time because it can take a
> very looooooooooong time :-)
Okay, but how big (long) DH parameters file I should generate? Is this
something simple as:
openssl dhparam -outform PEM -out dh.pem <size>
I didn't really get that after reading smtpd.conf(5) and starttls(8).
--
best regards
q#
