[SOLVED] Strong DH parameters for nginx


to prevent from logjam, I generated a strong dh group that shall get used by nginx.
From my /etc/gitlab/gitlab.rb:

nginx['ssl_dhparam'] = "/etc/gitlab/ssl/dhparams.pem"

But it never gets written to /var/opt/gitlab/nginx/conf/gitlab-http.conf after gitlab-ctl reconfigure.
Gitlab CE 7.10.4 from omnibus package.
Any help is appreciated,


If you read the blog post, it says that

is only valid for packages version 7.11.0 and up.

So either upgrade to 7.11 or you can use the inserting-custom-nginx-settings-into-the-gitlab-server-block like so

nginx['custom_gitlab_server_config'] = "ssl_dhparam /etc/gitlab/ssl/dhparams.pem;\n"
1 Like

Thanks man. You saved my life!