I'm working through the book "Bulletproof SSL and TLS" by Ivan Ristic (the guy behind the famous SSL Labs site) and found this bit on Page 40 that seems relevant to the LoadMaster (I'm on version 7.1-24b):
"Historically speaking, DH parameters have been largely ignored and their security neglected. Many libraries and servers use weak DH parameters by default and often don't provide a means to change their strength in configuration. For this reason, it's not uncommon to see servers using weak 1,024-bit parameters..."
When I assign to a virtual service any cipher suite that uses DHE key exchange, the LoadMaster uses 1024-bit DH parameters for the key exchange. This generates a "weak" warning on the SSL Labs tests. Is there a way to make the LoadMaster use 2048-bit DH parameters?