Am 01.04.2015 um 15:30 schrieb Leif Hedstrom:
It was decided from experiences at LinkedIn that DHE was unstable and/or causing problems in general. It was deemed an incompatible change that should not have happened in the 5.x cycle, so we restored defaults to a state as it was in 5.1. I'll let Thomas and Brian give more details on the issues with DHE. You can still use DHE but you would have to move the params into a file and explicitly tell ATS to use those params.
but in which file and how to configure - the docs don't mention it? IMHO the certs file containing the DHE as well as EC params should be enough
On Apr 1, 2015, at 4:04 AM, Reindl Harald <[email protected]> wrote: Hi why are DHE ciphers no longer available after update to 5.2.1? the crtificate files are PEM with * intermediate CA * private key * certificate * ec params * dh params in a single file which is supported for a long time by httpd and worked with the previous ATS release too (which introduced DHE at all)
signature.asc
Description: OpenPGP digital signature
