5 gendh - DH parameter generation
18 This command is used to generate DH parameter files.
24 =item B<-out filename>
26 This specifies the output filename parameters to. Standard output is used
27 if this option is not present. The output format is a base64 encoded form of
28 a PKCS#5 DHParameter structure.
32 The generator to use, either 2 or 5. 2 is the default.
34 =item B<-rand file:file>
36 a file or files containing random data used to seed the random number
37 generator. Multiple files can be specified separated by B<:>.
41 this option specifies that a parameter set should be generated of size
42 B<numbits>. It must be the last option. If not present then a value of 512
49 PEM format DH parameters use the header and footer lines:
51 -----BEGIN DH PARAMETERS-----
52 -----END DH PARAMETERS-----
54 DH parameter generation is a slow process and as a result the same set of
55 DH parameters is often reused.
57 OpenSSL currently uses PKCS#3 DH not the more recent X9.42 DH.
59 This program creates DH parameters only, not DH keys.
63 The program is badly named. The programs B<gendsa> and B<genrsa> generate
64 actual keys and not parameters.
66 There should be a way to generate and manipulate DH keys.