tlsparamsgen — Generate TLS parameters
tlsparamsgen {-t=algorithm} [-n=bits] [-u=user] [-g=group] [-m=mode] [-d=] {filename...}
The tlsparamsgen command generates a new set of DH or RSA parameters and saves them in a predefined location. LibCXX applications read the pregenerated parameters instead of generating it themselves.
A regularly scheduled cron(8) job runs tlsparamgsgen periodically.
-t, --type=algorithmUse either the “rsa” or “dsa” algorithm for generating the parameters. This is a required option.
-b, --bits=nNumber of bits in the generated RSA or DSA parameter (defaults to 1024 bits).
-u, --user=usernameCreate the DH or RSA parameter file owned by this username (when invoked by root).
-g, --group=groupnameCreate the DH or RSA parameter file owned by this groupname (when invoked by root).
-m, --mode=permissions
Create the DH or RSA parameter file with permissions (specified
as an octal permission value, defaults to 400).
-d, --definitIf there is an existing parameter file and it does not start with ">>>DEFAULT PARAMETERS" then do not generate and replace the parameter file.
This is used when the system starts. This immediately creates new parameter files the first time the system is started after installing a default set of parameters from the LibCXX installation package.