From 211167b0f76d7493c2968c2f3a6b71a50b46027c Mon Sep 17 00:00:00 2001
From: Jody Boucher <jody@jodyboucher.com>
Date: Wed, 29 Mar 2017 13:03:00 -0400
Subject: [PATCH] decrease the number of bits used in creation of DH parameter
 to a more reasonable value

---
 tasks/configure.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tasks/configure.yml b/tasks/configure.yml
index 523547c..8270cf0 100644
--- a/tasks/configure.yml
+++ b/tasks/configure.yml
@@ -28,7 +28,7 @@
   notify: reload nginx
 
 - name: Generate strong Ephemeral Diffie-Hellman (DHE) parameter
-  command: openssl dhparam -out dhparams.pem 4096
+  command: openssl dhparam -out dhparams.pem 2048
   args:
     chdir: "{{ nginx_path_ssl_conf }}"
     creates: "{{ nginx_path_ssl_conf }}/dhparams.pem"