diff --git a/install_postfix_advanced.sh b/install_postfix_advanced.sh
index 2072cc4..15148f1 100755
--- a/install_postfix_advanced.sh
+++ b/install_postfix_advanced.sh
@@ -2620,41 +2620,91 @@ fi
 ## - with EDH ciphers (length 512 and 1024
 ## -
 echononl " Generate DH key length=512 \"/etc/postfix/ssl/dh_512.pem\""
-if [ ! -f /etc/postfix/ssl/dh_512.pem ]; then
- openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512 > /dev/null 2>&1
- #openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
+if [[ ! -f /etc/postfix/ssl/dh_512.pem ]]; then
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ openssl dhparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
+ else
+ openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
+ fi
 if [[ $? -eq 0 ]] ; then
 echo_ok
 else
 echo_failed
 fi
 else
- echo_skipped
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ if $(grep -q -E "X9.42" /etc/postfix/ssl/dh_512.pem 2> /dev/null); then
+ openssl dhparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
+ if [[ $? -eq 0 ]] ; then
+ echo_ok
+ else
+ echo_failed
+ fi
+ else
+ echo_skipped
+ fi
+ else
+ echo_skipped
+ fi
 fi
 echononl " Generate DH key length=1024 \"/etc/postfix/ssl/dh_1024.pem\""
-if [ ! -f /etc/postfix/ssl/dh_1024.pem ]; then
- openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024 > /dev/null 2>&1
- #openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
+if [[ ! -f /etc/postfix/ssl/dh_1024.pem ]]; then
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ openssl dhparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
+ else
+ openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
+ fi
 if [[ $? -eq 0 ]] ; then
 echo_ok
 else
 echo_failed
 fi
 else
- echo_skipped
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ if $(grep -q -E "X9.42" /etc/postfix/ssl/dh_1024.pem 2> /dev/null); then
+ openssl dhparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
+ if [[ $? -eq 0 ]] ; then
+ echo_ok
+ else
+ echo_failed
+ fi
+ else
+ echo_skipped
+ fi
+ else
+ echo_skipped
+ fi
 fi
 echononl " Generate DH key length=2048 \"/etc/postfix/ssl/dh_2048.pem\""
-if [ ! -f /etc/postfix/ssl/dh_2048.pem ]; then
- openssl dhparam -out /etc/postfix/ssl/dh_2048.pem -2 2048 > /dev/null 2>&1
- #openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
+if [[ ! -f /etc/postfix/ssl/dh_2048.pem ]]; then
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ openssl dhparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
+ else
+ openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
+ fi
 if [[ $? -eq 0 ]] ; then
 echo_ok
 else
 echo_failed
 fi
 else
- echo_skipped
+ if [[ $DIST_VERSION -gt 11 ]] ; then
+ if $(grep -q -E "X9.42" /etc/postfix/ssl/dh_2048.pem 2> /dev/null); then
+ openssl dhparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
+ if [[ $? -eq 0 ]] ; then
+ echo_ok
+ else
+ echo_failed
+ fi
+ else
+ echo_skipped
+ fi
+ else
+ echo_skipped
+ fi
 fi
+
+
 echononl " Create Symlink \"$_TLS_CERT_FILE\""
 if [ ! -h "$_TLS_CERT_FILE" ]; then
 ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem $_TLS_CERT_FILE
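Review bot: The three regeneration branches (the `grep -q -E "X9.42"` checks for dh_512.pem, dh_1024.pem and dh_2048.pem) write the new parameters directly over the live file with `-out` and discard all openssl output, so a write that fails part-way may leave Postfix pointing at a damaged parameter file with only `echo_failed` as evidence. Generating into a temporary file in the same directory and renaming on success avoids that, e.g. `openssl dhparam -out "$tmp" 2048 && mv -- "$tmp" /etc/postfix/ssl/dh_2048.pem`, where `$tmp` is a placeholder for a `mktemp` result. The test itself is better written `if grep -q -F "X9.42" /etc/postfix/ssl/dh_2048.pem 2> /dev/null; then`, since the `$( )` wrapper only works because grep prints nothing and `-E` lets the dot match any character. Separately, for `DIST_VERSION` of 11 or lower the first-time path now uses `-dsaparam` where the removed line generated a safe prime with `-2`; OpenSSL documents that DSA-style parameters need a fresh DH key per use to avoid small-subgroup attacks, so it is worth confirming this trade-off is intended. It is also worth asking whether 512- and 1024-bit groups should still be generated at all.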