Description
As it stands, adding a DHE- cipher to the cipher suite list is not sufficient to allow a DHE protocol to be negotiated. One must also add a dhparams file.
We should re-introduce the logic to automatically create DHParams if none is specified. We currently have logic in the that could create a fixed 2048 bit DHParams, but it is not currently enabled. The disabling was tracked in TS-3437.
Now that we are at a major release, we should reactivate this logic, since it seems odd and not user-friendly to have a two step process for activating DHE- ciphers (unlike any other cipher family).