Index: modules/ssl/ssl_private.h
===================================================================
--- modules/ssl/ssl_private.h (revision 1520841)
+++ modules/ssl/ssl_private.h (working copy)
@@ -930,8 +930,12 @@
 /** Diffie-Hellman Parameter Support */
 DH *ssl_dh_GetTmpParam(int);
-DH *ssl_dh_GetParamFromFile(char *);
+DH *ssl_dh_GetParamFromFile(const char *);
+#ifndef OPENSSL_NO_EC
+EC_GROUP *ssl_ec_GetParamFromFile(const char *);
+#endif
+
 unsigned char *ssl_asn1_table_set(apr_hash_t *table, const char *key, long int length);
Index: modules/ssl/ssl_engine_dh.c
===================================================================
--- modules/ssl/ssl_engine_dh.c (revision 1520841)
+++ modules/ssl/ssl_engine_dh.c (working copy)
@@ -135,7 +135,7 @@
 return dh;
 }
-DH *ssl_dh_GetParamFromFile(char *file)
+DH *ssl_dh_GetParamFromFile(const char *file)
 {
 DH *dh = NULL;
 BIO *bio;
Index: modules/ssl/ssl_engine_init.c
===================================================================
--- modules/ssl/ssl_engine_init.c (revision 1520841)
+++ modules/ssl/ssl_engine_init.c (working copy)
@@ -192,6 +192,18 @@
 #define MODSSL_TMP_KEY_INIT_EC(s, bits) \
 ssl_tmp_key_init_ec(s, bits, SSL_TMP_KEY_EC_##bits)
+EC_GROUP *ssl_ec_GetParamFromFile(const char *file)
+{
+ EC_GROUP *ecg = NULL;
+ BIO *bio;
+
+ if ((bio = BIO_new_file(file, "r")) == NULL)
+ return NULL;
+ ecg = PEM_read_bio_ECPKParameters(bio, NULL, NULL, NULL);
+ BIO_free(bio);
+ return (ecg);
+}
+
 #endif
 #define MODSSL_TMP_KEY_INIT_RSA(s, bits) \
@@ -1184,10 +1196,14 @@
 const char *rsa_id, *dsa_id;
 #ifndef OPENSSL_NO_EC
 const char *ecc_id;
+ EC_GROUP *ecparams;
+ EC_KEY *eckey;
+ int nid;
 #endif
 const char *vhost_id = mctx->sc->vhost_id;
 int i;
 int have_rsa, have_dsa;
+ DH *dhparams;
 #ifndef OPENSSL_NO_EC
 int have_ecc;
 #endif
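Review bot: In ssl_ec_GetParamFromFile(), a file without an EC PARAMETERS block — the normal case for an SSLCertificateFile — makes PEM_read_bio_ECPKParameters() return NULL and leave PEM_R_NO_START_LINE on the OpenSSL error queue, which nothing here clears, so an unrelated failure later in initialization may be reported with a misleading "no start line" message. Clearing it on the miss path keeps the queue clean: `if (ecg == NULL) ERR_clear_error();` before `return (ecg);`; the DH counterpart ssl_dh_GetParamFromFile() in ssl_engine_dh.c probably needs the same treatment, but its body lies outside this diff. The new function also has no header comment; something like `/* Read PEM-encoded EC parameters from file; returns a new EC_GROUP owned by the caller (EC_GROUP_free), or NULL if the file has none */` would document the ownership the callers must honour. The `ecg = NULL` initialiser is dead, since the variable is assigned unconditionally before it is read.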
@@ -1234,6 +1250,33 @@
 "Oops, no " KEYTYPES " server private key found?!");
 ssl_die(s);
 }
+
+ /*
+ * Try to read DHE parameters from the (first) SSLCertificateFile
+ */
+ if ((mctx->pks->cert_files[0] != NULL) &&
+ (dhparams = ssl_dh_GetParamFromFile(mctx->pks->cert_files[0]))) {
+ SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dhparams);
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO()
+ "DHE parameters (%d bits) for %s configured from %s",
+ BN_num_bits(dhparams->p), vhost_id,
+ mctx->pks->cert_files[0]);
+ }
+
+#ifndef OPENSSL_NO_EC
+ /*
+ * Similarly, try to read the ECDHE curve name from SSLCertificateFile
+ */
+ if ((mctx->pks->cert_files[0] != NULL) &&
+ (ecparams = ssl_ec_GetParamFromFile(mctx->pks->cert_files[0])) &&
+ (nid = EC_GROUP_get_curve_name(ecparams)) &&
+ (eckey = EC_KEY_new_by_curve_name(nid))) {
+ SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s, APLOGNO()
+ "ECDHE curve (%s) for %s configured from %s",
+ OBJ_nid2sn(nid), vhost_id, mctx->pks->cert_files[0]);
+ }
+#endif
 }
 #ifdef HAVE_TLS_SESSION_TICKETS
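Review bot: Both new blocks leak the parameter objects they read: SSL_CTX_set_tmp_dh() and SSL_CTX_set_tmp_ecdh() store their own copies, so `dhparams` must be released with `DH_free()` after the call, `eckey` with `EC_KEY_free()`, and `ecparams` with `EC_GROUP_free()` — the last one on every path, including when EC_GROUP_get_curve_name() returns 0 and the chained condition drops out early. That early drop-out also silently ignores a file carrying explicit (non-named) curve parameters, which an administrator would want logged rather than discovering that the server kept its default curve. Nothing rejects an undersized DH group from the file either; since the size is only logged at DEBUG, a WARNING when BN_num_bits(dhparams->p) is below the server's built-in default would make a weak configuration visible. The variables used here are declared in the preceding hunk at line 1184, and the enclosing function starts outside the diff.
```c
    if ((mctx->pks->cert_files[0] != NULL) &&
        (dhparams = ssl_dh_GetParamFromFile(mctx->pks->cert_files[0]))) {
        SSL_CTX_set_tmp_dh(mctx->ssl_ctx, dhparams);
        /* … unchanged: DEBUG log of the DH parameter size … */
        DH_free(dhparams); /* SSL_CTX_set_tmp_dh() keeps its own copy */
    }

#ifndef OPENSSL_NO_EC
    if ((mctx->pks->cert_files[0] != NULL) &&
        (ecparams = ssl_ec_GetParamFromFile(mctx->pks->cert_files[0]))) {
        if ((nid = EC_GROUP_get_curve_name(ecparams)) &&
            (eckey = EC_KEY_new_by_curve_name(nid))) {
            SSL_CTX_set_tmp_ecdh(mctx->ssl_ctx, eckey);
            /* … unchanged: DEBUG log of the curve name … */
            EC_KEY_free(eckey); /* SSL_CTX_set_tmp_ecdh() keeps its own copy */
        }
        else {
            ap_log_error(APLOG_MARK, APLOG_WARNING, 0, s, APLOGNO()
                         "EC parameters in %s are not a named curve; ignored",
                         mctx->pks->cert_files[0]);
        }
        EC_GROUP_free(ecparams);
    }
#endif
```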