Good day,
I have a WAS liberty server in Linux Redhat, and I enable the only TLSv1.2.
I type the following command to get the server info:
openssl s_client -connect 10.7.5.65:9443 -msg
Part of the result is as follow:
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 1710 bytes and written 479 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
I saw the Server Temp Key
value is DH, 1024 bits, but also saw the Server public key is 2048 bit, may I know my Diffie-Hellman MODP size (bits) is actually 1024 or 2048?
And also the part of the ServerKeyExchange
<<< TLS 1.2 Handshake [length 020f], ServerKeyExchange
0c 00 02 0b 00 80 ff ff ff ff ff ff ff ff c9 0f
00 80
convert to decimal is 128, so its means my Diffie-Hellman MODP size (bits) is 1024 bits?
And if its 1024 bits, how can I increase it to 2048 bits?
I am using Java 8 OpenJDK in this server.
Kindly advise.