• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Logjam + haproxy as ssl-terminator

Scheduled Pinned Locked Moved Cache/Proxy
1 Posts 1 Posters 1.0k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • T
    treuss
    last edited by May 21, 2015, 3:28 PM May 21, 2015, 3:05 PM

    –- SOLVED ---

    All I had to do was to set tune.ssl.default-dh-param 2048

    Hi,

    we're using HAproxy to terminate our SSL-connections in Pfsense (2.2-RELEASE).
    Is there a way to regenerate dhparams (in order to protect against logjam) on a pfsense setup?

    Usually you'd invoke
    openssl dhparam -out dhparams.pem 2048 ?
    and link it in apache's config using
    SSLOpenSSLConfCmd DHParameters "{path to dhparams.pem}"

    For obvious reasons, this is not possible in our case.

    Thanks!

    1 Reply Last reply Reply Quote 0
    1 out of 1
    • First post
      1/1
      Last post
    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
      This community forum collects and processes your personal information.
      consent.not_received