View Ticket
Ticket Hash: 0271e755307824a64957e3ffef9bac9386069bbc
Title: different dh param bit sizes in server key exchange
Status: Closed Type: Code Defect
Severity: Critical Priority: Immediate
Subsystem: Resolution: Overcome_By_Events
Last Modified: 2024-06-29 01:46:50
Version Found In: tls1.7.21
User Comments:
anonymous added on 2023-08-21 13:11:53: (text/x-markdown)
Although when server socket was opened, it had -certfile and -keyfile generated with 4096 bit size.

When server respond to client hello (tls1.2), tls lib always uses default dh key size 2048.  

[Server Key exchange record is sending 256 bytes (DH key size of 2048)]

bohagan added on 2024-06-29 01:46:50: (text/x-fossil-plain)
This issue is obsolete with commit [d3d16ea77fa810d8] and the change to auto set the DH parameters.