diff --git a/bundles/nginx/files/nginx.conf b/bundles/nginx/files/nginx.conf
index 08f6693..ef65a3e 100644
--- a/bundles/nginx/files/nginx.conf
+++ b/bundles/nginx/files/nginx.conf
@@ -21,6 +21,7 @@ http {
     server_names_hash_bucket_size 128;
     tcp_nopush on;
     client_max_body_size 32G;
+    ssl_dhparam "/etc/nginx/dhparams.pem";
 
     % if node.has_bundle('php'):
     upstream php-handler {
diff --git a/bundles/nginx/items.py b/bundles/nginx/items.py
index ec1a56b..0fddc0c 100644
--- a/bundles/nginx/items.py
+++ b/bundles/nginx/items.py
@@ -76,7 +76,7 @@ files = {
 
 actions = {
     'nginx-generate-dhparam': {
-        'command': 'openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048',
+        'command': 'openssl dhparam -dsaparam -out /etc/ssl/certs/dhparam.pem 4096',
         'unless': 'test -f /etc/ssl/certs/dhparam.pem',
     },
 }