Thanks for your mail! I noticed that advice and already tried it, but it didn’t work! I’ve copied their file https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdhe4096.pem to my /etc/apache2/dhparams.pem. In my Apache config, I am pointing to that file: SSLOpenSSLConfCmd DHParameters "/etc/apache2/dhparam.pem” And I made sure to restart Apache. However, even with the standard 4096 bit DH params file, still my Apache seems to use 3072 DH… https://internet.nl/site/lifeforms.nl/1529341/#control-panel-14 I’ve also tried using the standard 3072 bit DH params file https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdhe3072.pem as they say this should be ’sufficient’ but the result is still ‘insufficient': So I’m still confused how I can use 4096 bit DH params... Kind regards, WH |