Unable To Generate DH Parameters File With OpenSSL on FIPS enabled host

Solution Verified - Updated -


Getting below error while generating a dhparameters file on FIPS enabled host:

openssl dhparam -out ./dhparams.pem 4096
Generating DH parameters, 4096 bit long safe prime, generator 2
This is going to take a long time
140199778404160:error:050C90CA:Diffie-Hellman routines:DH_generate_parameters_ex:non FIPS method:crypto/dh/dh_gen.c:31:


  • Red Hat Enterprise Linux (RHEL)
    • openssl

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content