On Wed, Sep 18, 2013 at 11:19:27PM -0700, Howard Chu wrote: > Read the slapd.conf(5) or slapd-config(5) manpage. You must > configure the TLSDHParamFile.
Thanks. > Your ciphersuite is wrong anyway. You want DHE, not DH, for PFS. Either I miss something subbtle, or I am right: $ openssl ciphers DH:!SHA:!aNULL|tr ':' '\n' DHE-DSS-AES256-GCM-SHA384 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-DSS-AES256-SHA256 DHE-DSS-AES128-GCM-SHA256 DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-DSS-AES128-SHA256 $ openssl ciphers DHE:!SHA:!aNULL|tr ':' '\n' Error in cipher list -- Emmanuel Dreyfus [email protected]
