From ecc40ceceb7978800fcd2b0bf9f879bcda083b71 Mon Sep 17 00:00:00 2001
From: David Gressel <dckgdotnet@gmail.com>
Date: Sat, 31 Dec 2016 17:44:18 +0100
Subject: [PATCH] faster openssl DH parameters generation (seconds)
 http://security.stackexchange.com/questions/95178/diffie-hellman-parameters-still-calculating-after-24-hours/95184#95184

---
 openvpn-install.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index cee3e36..56faa83 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -403,7 +403,7 @@ WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
 	# Create the PKI, set up the CA, the DH params and the server + client certificates
 	./easyrsa init-pki
 	./easyrsa --batch build-ca nopass
-	openssl dhparam $DH_KEY_SIZE -out dh.pem
+	openssl dhparam $DH_KEY_SIZE -dsaparam -out dh.pem
 	./easyrsa build-server-full server nopass
 	./easyrsa build-client-full $CLIENT nopass
 	./easyrsa gen-crl