https://wiki.dovecot.org/SSL/DovecotConfiguration says:

"Since v2.3.3+ Diffie-Hellman parameters have been made optional, and
you are encouraged to disable non-ECC DH algorithms completely."

and a bit later:
"From version 2.3, you must specify path to DH parameters file using
ssl_dh=</path/to/dh.pem"

So.

1. Is ssl_dh an optional or a must?

2. I've disabled ssl_dh in my config. Dovecot works fine except it shows
warnings:

doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
doveconf: Warning: You can generate it with: dd ...

I'm using dovecot version 2.3.4.1-1~bpo9+1 from debian stretch-backports

--
sergio.

ssl_dh is required from 2.3.0-2.3.2. From 2.3.3 onwards it's optional.
You can rm the ssl-parameters.dat file to get rid of that warning.

Aki

> On 16 March 2019 12:50 sergio via dovecot <dovecot@dovecot.org> wrote:
>
> https://wiki.dovecot.org/SSL/DovecotConfiguration says:
>
> "Since v2.3.3+ Diffie-Hellman parameters have been made optional, and
> you are encouraged to disable non-ECC DH algorithms completely."
>
> and a bit later:
> "From version 2.3, you must specify path to DH parameters file using
> ssl_dh=</path/to/dh.pem"
>
> So.
>
> 1. Is ssl_dh an optional or a must?
>
> 2. I've disabled ssl_dh in my config. Dovecot works fine except it shows
> warnings:
>
> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
> doveconf: Warning: You can generate it with: dd ...
>
> I'm using dovecot version 2.3.4.1-1~bpo9+1 from debian stretch-backports
>
> --
> sergio.

---
Aki Tuomi

I'm subscribed, please reply to list directly.

> ssl_dh is required from 2.3.0-2.3.2. From 2.3.3 onwards it's optional.
> You can rm the ssl-parameters.dat file to get rid of that warning.

I have no ssl-parameters.dat file.

--
sergio.