5 gendh - DH parameter generation
18 This command is used to generate DH parameter files.
24 =item B<-out filename>
26 This specifies the output filename parameters to. Standard output is used
27 if this option is not present. The output format is a base64 encoded form of
28 a PKCS#5 DHParameter structure.
32 The generator to use, either 2 or 5. 2 is the default.
34 =item B<-rand file(s)>
36 a file or files containing random data used to seed the random number
37 generator. Multiple files can be specified separated by a OS-dependent
38 character. For MS-Windows, the separator is B<;>. For OpenVMS, it's
39 B<,>. For all others, it's B<:>.
43 this option specifies that a parameter set should be generated of size
44 B<numbits>. It must be the last option. If not present then a value of 512
51 PEM format DH parameters use the header and footer lines:
53 -----BEGIN DH PARAMETERS-----
54 -----END DH PARAMETERS-----
56 DH parameter generation is a slow process and as a result the same set of
57 DH parameters is often reused.
59 OpenSSL currently uses PKCS#3 DH not the more recent X9.42 DH.
61 This program creates DH parameters only, not DH keys.
65 The program is badly named. The programs B<gendsa> and B<genrsa> generate
66 actual keys and not parameters.
68 There should be a way to generate and manipulate DH keys.