Secure Diffie-Hellman parameters for Lighttpd with SNI

TL;DR You need to put your dh-file configuration before your SNI configuration.

<=1024 bit DH keys are known to be crackable partially due to the Logjam attack. A strong TLS configuration for a Diffie-Hellman key exchange uses keys larger than 1024 bit. For more information see

In lighttpd you can point the option ssl.dh-file to the file that contains your DH parameters. You can generate such a file like this:

openssl dhparam -out dhparam.pem -outform PEM -2 2048

To test if your server uses a strong DH group, you can use the openssl command: openssl s_client -connect -cipher "EDH" | grep "Server Temp Key"

I tried deploying my configuration by putting the DH parameters per domain for SNI. This configuration is wrong, don't use it

$HTTP["host"] == "" { ssl.pemfile = "/etc/letsencrypt/live/" = "/etc/letsencrypt/live/" ssl.dh-file = "/etc/letsencrypt/live/" } $HTTP["host"] == "" { ssl.pemfile = "/etc/letsencrypt/live/" = "/etc/letsencrypt/live/" ssl.dh-file = "/etc/letsencrypt/live/" }

Your dh-file should go before the SNI configuration. The configuration below works.

$SERVER["socket"] == ":443" { ssl.engine = "enable" ssl.pemfile = "/etc/letsencrypt/live/" ssl.dh-file = "/etc/letsencrypt/live/" = "secp384r1" ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH" ssl.honor-cipher-order = "enable" ssl.use-comcodession = "disable" ssl.use-sslv3 = "disable" ssl.use-sslv2= "disable" $HTTP["host"] == "" { ssl.pemfile = "/etc/letsencrypt/live/" = "/etc/letsencrypt/live/" } $HTTP["host"] == "" { ssl.pemfile = "/etc/letsencrypt/live/" = "/etc/letsencrypt/live/" } }

August, 2018