install_postfix_advanced.sh, install_postfix_base.sh: use '-dsaparam' parameter for generation Diffie-Hellman keys to avoid lon generation time.

install_postfix_advanced.sh

@@ -1297,6 +1297,9 @@ smtpd_tls_key_file = $_TLS_KEY_FILE
 ## - Dont't forget to create it, e.g with openssl:
 ## -    openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024
 ## -
+## - or using '-dsaparam' to avoid long creation time:
+## -    openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_1024.pem 1024
+## -
 #smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dh_1024.pem
 ## - also possible to use 2048 key with that parameter
 ## -
@@ -1307,6 +1310,9 @@ smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dh_2048.pem
 ## - Dont't forget to create it, e.g with openssl:
 ## -    openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512
 ## -
+## - or using '-dsaparam' to avoid long creation time:
+## -    openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_512.pem 512
+## -
 smtpd_tls_dh512_param_file = /etc/postfix/ssl/dh_512.pem
 
 
@@ -1893,7 +1899,8 @@ fi
 ## -
 echononl "   Generate DH key length=512 \"/etc/postfix/ssl/dh_512.pem\""
 if [ ! -f /etc/postfix/ssl/dh_512.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else
@@ -1904,7 +1911,8 @@ else
 fi
 echononl "   Generate DH key length=1024 \"/etc/postfix/ssl/dh_1024.pem\""
 if [ ! -f /etc/postfix/ssl/dh_1024.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else
@@ -1915,7 +1923,8 @@ else
 fi
 echononl "   Generate DH key length=2048 \"/etc/postfix/ssl/dh_2048.pem\""
 if [ ! -f /etc/postfix/ssl/dh_2048.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_2048.pem -2 2048 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_2048.pem -2 2048 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else

install_postfix_base.sh

@@ -977,7 +977,8 @@ fi
 ## -
 echononl "   Generate DH key length=512 \"/etc/postfix/ssl/dh_512.pem\""
 if [ ! -f /etc/postfix/ssl/dh_512.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_512.pem -2 512 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_512.pem 512 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else
@@ -988,7 +989,8 @@ else
 fi
 echononl "   Generate DH key length=1024 \"/etc/postfix/ssl/dh_1024.pem\""
 if [ ! -f /etc/postfix/ssl/dh_1024.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_1024.pem -2 1024 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_1024.pem 1024 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else
@@ -999,7 +1001,8 @@ else
 fi
 echononl "   Generate DH key length=2048 \"/etc/postfix/ssl/dh_2048.pem\""
 if [ ! -f /etc/postfix/ssl/dh_2048.pem ]; then
-   openssl dhparam -out /etc/postfix/ssl/dh_2048.pem -2 2048 > /dev/null 2>&1
+   #openssl dhparam -out /etc/postfix/ssl/dh_2048.pem -2 2048 > /dev/null 2>&1
+   openssl dhparam -dsaparam -out /etc/postfix/ssl/dh_2048.pem 2048 > /dev/null 2>&1
    if [[ $? -eq 0 ]] ; then
       echo_ok
    else