Hello!

On Thu, Mar 19, 2020 at 05:42:28AM -0400, q1548 wrote:

> I want to use a Wildcard SSL on several servers.
>
> "ssl_certificate" and "ssl_certificate_key" are same CRT file and KEY file,
> but for "ssl_dhparam", each server have its private dhparam file? or use the
> same dhparam file? please help, thanks.

You don't need to configure more than one dhparam file, one for
all servers as set on the http level is enough.

Moreover, you probably don't want to configure dhparam file at
all, keeping all DHE ciphers disabled, as it is by default. DHE
ciphers are very slow compared to ECDH ones, and most browsers
support ECDH nowadays.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx