Skip to main content


tls_dhparams_file — specifies the file of Diffie Hellman (DHE) parameters that add per-session randomness to the encryption. Default parameters are built in the product if none are specified.


tls_dhparams_file = /path/to/dh.pem


The tls_dhparams_file option can be generated with the file openssl dhparam -out /path/to/dh512.pem 512. It is recommended that you regularly (e.g., weekly) regenerate this file.

This option has no default value; instead, it uses internally-specified DHE parameters.


tls_dhparams_file is valid in the global scope.

Was this page helpful?