Page 1 of 1

Apache 2.4.7+ and SSL issue

Posted: Fri Feb 06, 2015 2:42 pm
by support
If you get the following error with Java "Could not generate DH keypair" on SSL/TLS handshake with an Apache 2.4.7+ web server. Then see:
http://httpd.apache.org/docs/trunk/ssl/ ... tml#javadh

A solution is to generate DH 1024 bits parameter with "openssl dhparams -outform PEM -out dh1024.pem 1024" and append dh1024.pem to your SSL server certificate.

Another solution is to upgrade to a JRE version that support prime number > 1024 bits for DH exchange.