[ https://issues.apache.org/jira/browse/TS-3711?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14601066#comment-14601066 ]
ASF subversion and git services commented on TS-3711: ----------------------------------------------------- Commit c58461c1c3908caada4507109e917c10d0fd1e6b in trafficserver's branch refs/heads/master from shinrich [ https://git-wip-us.apache.org/repos/asf?p=trafficserver.git;h=c58461c ] TS-3711: Allow DHE ciphers in ciphersuite list to be negotiable. > Allow DHE ciphers in the ciphersuite list to be negotiable > ---------------------------------------------------------- > > Key: TS-3711 > URL: https://issues.apache.org/jira/browse/TS-3711 > Project: Traffic Server > Issue Type: Bug > Components: SSL > Reporter: Susan Hinrichs > Assignee: Susan Hinrichs > Fix For: 6.0.0 > > > As it stands, adding a DHE- cipher to the cipher suite list is not sufficient > to allow a DHE protocol to be negotiated. One must also add a dhparams file. > > We should re-introduce the logic to automatically create DHParams if none is > specified. We currently have logic in the that could create a fixed 2048 bit > DHParams, but it is not currently enabled. The disabling was tracked in > TS-3437. > Now that we are at a major release, we should reactivate this logic, since it > seems odd and not user-friendly to have a two step process for activating > DHE- ciphers (unlike any other cipher family). -- This message was sent by Atlassian JIRA (v6.3.4#6332)