Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

is there a method to enable the use of dh key size 2048 for ssl connections? #4827

Open
omerbrandis opened this issue Dec 23, 2024 · 1 comment
Open

is there a method to enable the use of dh key size 2048 for ssl connections? #4827

omerbrandis opened this issue Dec 23, 2024 · 1 comment

Comments

@omerbrandis
Copy link
Contributor

Hello all,

I've been using Poco::Net::HTTPServer with Poco::Net::ServerSocket successfully for a while,
and have lately been asked to enable use of dh key of 2048 in the ssl handshake.
I've noticed that there's a dedicated parameter for this in the Context class called dhUse2048Bits
but also that SSLManager::initDefaultContext does not explicitly set it, and in practice it looks like that the ssl handshakes are made using a 1024 bit key. ( the cmd openssl s_client -connect .... returns "Server Temp Key: DH, 1024 bits").

thus I'm my question is how can the use of dh key sized 2048 can be enabled ?
or if there's a workaround for this ?

thanks
@omerbrandis
Copy link
Contributor Author

version 1.14 seems to have enhancments for this issue,
but I was unable to use it , see 4831

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@omerbrandis