From afa0162c4c1513ac9f8d69b418e4e39f737ef321 Mon Sep 17 00:00:00 2001
From: Angristan <stanislas.lange@protonmail.com>
Date: Thu, 16 Feb 2017 20:27:57 +0100
Subject: [PATCH] Use ECDSA cert instead of RSA

---
 openvpn-install.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 55033a7..fa75069 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -344,7 +344,8 @@ WantedBy=multi-user.target" > /etc/systemd/system/rc-local.service
 	chown -R root:root /etc/openvpn/easy-rsa/
 	rm -rf ~/EasyRSA-3.0.1.tgz
 	cd /etc/openvpn/easy-rsa/
-	echo "set_var EASYRSA_KEY_SIZE $RSA_KEY_SIZE" > vars
+	echo "set_var EASYRSA_ALGO ec
+set_var EASYRSA_CURVE secp384r1" > vars
 	# Create the PKI, set up the CA, the DH params and the server + client certificates
 	./easyrsa init-pki
 	./easyrsa --batch build-ca nopass