The dhparam file cam be whichever you want it to be **provided that** you configure it per server block.
Refer to the config documentation - http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_dhparam - and the 'context' being 'http' or 'server' - you can define different dhparam files for each server block. This said, if you don't define this each server, it'll disable DHE ciphers (but not ECDHE ciphers). Thomas On 3/19/20 10:42 AM, q1548 wrote: > Hello Maxim, > > Thanks for your helps. "http level...", Oh, not just a hardware server, > several different dedicated servers. > > When wildcard SSL is used, the CRT file and the KEY file should be the same > in each hardware server, I just want to know, can each server use its > private dhparam file or must I use the same dhparam file? thank you very > much. > > Posted at Nginx Forum: > https://forum.nginx.org/read.php?2,287383,287385#msg-287385 > > _______________________________________________ > nginx mailing list > nginx@nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx >
_______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
