Generating 4096 pem
Posted: Tue Sep 03, 2019 9:51 pm
Hello,
I manage our small Linux based company server which holds some CUI Gov't files so security is paramount. I just changed from 2048 bit to 4096 bit certificates using EasyRSA-3.0.5 and generated a dhp4096.pem file directly into the /etc/openvpn folder with the openssl command instead of generating it first with gen-dh in the EasyRSA-3.0.5 folder and transferring a copy into the /etc/openvpn folder as was the case with the 2048 bit installation. There was no dhp4096.pem file in the EasyRSA-3.0.5 folder when I continued the rest of the configuration. Will this alter anything such as the public key, HMAC or any other aspect? Everything works fine, just curious.
Thank you in advance.
Joe
I manage our small Linux based company server which holds some CUI Gov't files so security is paramount. I just changed from 2048 bit to 4096 bit certificates using EasyRSA-3.0.5 and generated a dhp4096.pem file directly into the /etc/openvpn folder with the openssl command instead of generating it first with gen-dh in the EasyRSA-3.0.5 folder and transferring a copy into the /etc/openvpn folder as was the case with the 2048 bit installation. There was no dhp4096.pem file in the EasyRSA-3.0.5 folder when I continued the rest of the configuration. Will this alter anything such as the public key, HMAC or any other aspect? Everything works fine, just curious.
Thank you in advance.
Joe