From 12ed1dd6f7842afa6795613de1e356311b48b806 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Wed, 31 Aug 2016 18:49:51 +0000
Subject: [PATCH] Update out vpn configs for better encryption.

---
 roles/openvpn/client/files/client.conf | 2 ++
 roles/openvpn/server/files/server.conf | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/roles/openvpn/client/files/client.conf b/roles/openvpn/client/files/client.conf
index 307a3576dc..e807bdc7d9 100644
--- a/roles/openvpn/client/files/client.conf
+++ b/roles/openvpn/client/files/client.conf
@@ -17,6 +17,8 @@ persist-key
 #up /etc/openvpn/fix-routes.sh
 #up-restart
 
+cipher AES-256-CBC
+auth SHA512
 ca ca.crt
 cert client.crt
 key client.key
diff --git a/roles/openvpn/server/files/server.conf b/roles/openvpn/server/files/server.conf
index 3ba8fab11b..e5cdd45180 100644
--- a/roles/openvpn/server/files/server.conf
+++ b/roles/openvpn/server/files/server.conf
@@ -12,6 +12,8 @@ ca ca.crt
 cert server.crt
 key server.key
 
+cipher AES-256-CBC
+auth SHA512
 dh dh2048.pem
 crl-verify crl.pem