From f943bda6211b3b0e835f7a1c1329bf5f02deffeb Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 1 Jan 2022 12:13:15 +0200
Subject: [PATCH] Try to speed up the DH parameter generation.

---
 Ansible/tasks/renew-cert.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Ansible/tasks/renew-cert.yaml b/Ansible/tasks/renew-cert.yaml
index 4b18c12..c8f15f8 100644
--- a/Ansible/tasks/renew-cert.yaml
+++ b/Ansible/tasks/renew-cert.yaml
@@ -184,6 +184,10 @@
         # yamllint enable rule:line-length
         mode: 0o0644
         path: *dhparams
+        # It takes a considerable amount of time to generate new DH parameters.
+        # Try using the openssl backend instead of the Python Cryptography one
+        # to speed it up.
+        select_crypto_backend: openssl
         size: 4096
         state: present
       notify: '{{ handlers|default([]) }}'
-- 
GitLab