Improve Startup Time When Security Is Activated
When a server instance is configured to use HTTPS, it generates an ephemeral DH key at startup. Generating the DH key at startup provides more security than reading it from a file on disk. However, this can add a couple of minutes to a server instance’s startup time.
If you need the server instance to start up without delay and are not concerned about
the loss of security, you can configure the server instance to read the ephemeral DH key
from a file using the ssl-tmp-dh-param
configuration property. The ssl-tmp-dh-param
property specifies the
file storing the DH key in PEM format.
See Also
Server Configuration Properties