This terminal command generates a Diffie-Hellman parameters file with 4096 bits. This provides good security while still providing acceptable performance.
Note that even for “only” 4096 bits generating the parameters will usually take a couple of minutes. Larger parameter sizes might take many hours to days to generate.
From the terminal (I created a directory called /var/pki and ran the command there):
openssl dhparam -out dhparams.pem 4096
Your CPU will spike for a few minutes as the output file
dhparams.pem is generated:
You can then configure switch to the OpenLightspeed WebAdmin dashboard and configure your Virtual Host under SSL > SSL Protocol > DH Parameter to the path and filename you created:
That’s it, you’re done.