Do I need copy dhparam.pem file when I move certificates to a new server?

I need to move certificates and nginx from server A to server B.

I will copy entire /etc/letsencrypt from A to B. It’s OK.

But, I found that nginx also needs dhparam.pem file on A:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Do I need to copy dhparam.pem from A to B?

Or Can I just generate new dhparam.pem on B?

Thanks too much if someone can provide some details about WHY.

1 Like

DH params are used during key exchange and are not linked to your certificate in any way - https://weakdh.org/sysadmin.html

Only your private key is tied to your certificate.

So, you can safely generate new DH params on the new server and everything will continue to work as before.

6 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.