I manage our small Linux based company server which holds some CUI Gov't files so security is paramount. I just changed from 2048 bit to 4096 bit certificates using EasyRSA-3.0.5 and generated a dhp4096.pem file directly into the /etc/openvpn folder with the openssl command instead of generating it first with gen-dh in the EasyRSA-3.0.5 folder and transferring a copy into the /etc/openvpn folder as was the case with the 2048 bit installation. There was no dhp4096.pem file in the EasyRSA-3.0.5 folder when I continued the rest of the configuration. Will this alter anything such as the public key, HMAC or any other aspect? Everything works fine, just curious.
Thank you in advance.
Support forum for Easy-RSA certificate management suite.
2 posts • Page 1 of 1