

Deploying TLS the hard way - ttaubert
https://timtaubert.de/blog/2014/10/deploying-tls-the-hard-way/

======
wahern
It's not necessary to generate DH parameters to enable ephemeral keys in
Nginx. Nginx ships with a static, built-in set of DH parameters. You just need
to make sure that the configured cipher suite includes ephemeral keying. And
it'll normally be enabled by default as long as you don't specifically disable
it.

(For ECDH you don't even have the option of generating new parameters as the
curves are fixed by definition.)

Proof of automatic ephemeral keying:

1) ngx_ssl_dhparam in src/event/ngx_event_openssl.c calls SSL_CTX_set_tmp_dh
with a statically constructed DH* object if the file parameter is empty.

2) ngx_http_ssl_merge_srv_conf in src/http/modules/ngx_http_ssl_module.c
unconditionally calls ngx_ssl_dhparam.

That only establishes automatic ephemeral keying. To get Perfect Forward
Secrecy you must make sure that the SSL context regenerates the private key
component of the DH parameters for each session. For that you must enable the
OP_SINGLE_DH_USE OpenSSL option. That option is unconditionally enabled by
ngx_ssl_create in src/event/ngx_event_openssl.c. (The equivalent for ECDH is
OP_SINGLE_ECDH_USE, which is also set.)
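The cipher-suite check the comment describes, as an added example that is not part of the original thread or of nginx: it expands an nginx `ssl_ciphers` string with the locally linked OpenSSL (via Python's `ssl` module) and reports which suites lack ephemeral keying. TLS 1.3 suites are counted as ephemeral because that protocol permits nothing else.

```python
import re
import ssl

# Kx values that mean the session key comes from an ephemeral (EC)DH
# exchange, so a later server-key compromise does not expose recorded
# traffic. TLS 1.3 suites report "any" because only ephemeral key
# exchange exists there; the PSK variants are the ephemeral PSK suites.
EPHEMERAL_KX = {"ECDH", "DH", "any", "ECDHEPSK", "DHEPSK"}


def classify_cipher_spec(spec):
    """Expand an OpenSSL cipher string (the value of nginx's ssl_ciphers
    directive) and split the resulting suites into those with ephemeral
    keying and those without.

    Returns (ephemeral, static) as two lists of suite names. Raises
    ValueError if the string selects no cipher at all."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ciphers(spec)
    except ssl.SSLError as exc:
        raise ValueError(f"no cipher matches {spec!r}: {exc}") from exc
    ephemeral, static = [], []
    for cipher in ctx.get_ciphers():
        # 'description' is the same text 'openssl ciphers -v' prints, e.g.
        # "AES256-GCM-SHA384 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(256) Mac=AEAD"
        match = re.search(r"\bKx=(\S+)", cipher["description"])
        kx = match.group(1) if match else "?"
        (ephemeral if kx in EPHEMERAL_KX else static).append(cipher["name"])
    return ephemeral, static


def has_only_ephemeral_keying(spec):
    """True when every suite the string selects uses ephemeral keying."""
    ephemeral, static = classify_cipher_spec(spec)
    return bool(ephemeral) and not static


if __name__ == "__main__":
    # Constructed sample specs: one forward-secret, one mixing in plain RSA.
    for spec in ("ECDHE-RSA-AES256-GCM-SHA384",
                 "AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384"):
        eph, stat = classify_cipher_spec(spec)
        print(f"{spec}\n  ephemeral: {eph}\n  static:    {stat}")
```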

