Create a Diffie-Helman Parameter File

This terminal command generates a Diffie-Hellman parameters file with 4096 bits. This provides good security while still providing acceptable performance.

Note that even for “only” 4096 bits generating the parameters will usually take a couple of minutes. Larger parameter sizes might take many hours to days to generate.


From the terminal (I created a directory called /var/pki and ran the command there):

openssl dhparam -out dhparams.pem 4096

Your CPU will spike for a few minutes as the output file dhparams.pem is generated:

Configure OpenLiteSpeed

You can then configure switch to the OpenLightspeed WebAdmin dashboard and configure your Virtual Host under SSL > SSL Protocol > DH Parameter to the path and filename you created:

That’s it, you’re done.