tls.dhBits

Specifies the Diffie-Hellman key size, overriding the librelp default when set.

This parameter applies to imrelp: RELP Input Module.

Name:

tls.dhBits

Scope:

input

Type:

integer

Default:

input=0

Required?:

no

Introduced:

Not documented

Description

This setting controls how many bits are used for Diffie-Hellman key generation. If not set, the librelp default is used. For security reasons, at least 1024 bits should be used. Please note that the number of bits must be supported by GnuTLS. If an invalid number is given, rsyslog will report an error when the listener is started. We do this to be transparent to changes/upgrades in GnuTLS (to check at config processing time, we would need to hardcode the supported bits and keep them in sync with GnuTLS - this is even impossible when custom GnuTLS changes are made…).

Input usage

input(type="imrelp" port="2514" tls="on" tls.dhBits="2048")

See also

See also imrelp: RELP Input Module.

---

Support: rsyslog Assistant | GitHub Discussions | GitHub Issues: rsyslog source project

Contributing: Source & docs: rsyslog source project

© 2008–2025 Rainer Gerhards and others. Licensed under the Apache License 2.0.