Do I need copy dhparam.pem file when I move certificates to a new server?

I need to move certificates and nginx from server A to server B.

I will copy entire /etc/letsencrypt from A to B. It’s OK.

But, I found that nginx also needs dhparam.pem file on A:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Do I need to copy dhparam.pem from A to B?

Or Can I just generate new dhparam.pem on B?

Thanks too much if someone can provide some details about WHY.

1 Like

DH params are used during key exchange and are not linked to your certificate in any way -

Only your private key is tied to your certificate.

So, you can safely generate new DH params on the new server and everything will continue to work as before.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.