diff --git a/defaults/main.yml b/defaults/main.yml
index 9507c49..5a628cf 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -92,6 +92,8 @@ matrix_open_ports:
 state: present
 matrix_tls_enabled: False
+matrix_tls_dhparam_path: "{{ matrix_base_dir }}/tls/dhparam.pem"
+matrix_tls_dhparam_size: 2048
 matrix_tls_cert_path: "{{ matrix_base_dir }}/tls/certs/mycert.pem"
 matrix_tls_key_path: "{{ matrix_base_dir }}/tls/private/mykey.pem"
 matrix_tls_cert_source: mycert.pem
diff --git a/tasks/tls.yml b/tasks/tls.yml
index 018f95e..b1613f0 100644
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@@ -8,6 +8,7 @@
 group: "{{ matrix_group }}"
 recurse: True
 with_items:
+ - "{{ matrix_tls_dhparam_path | dirname }}"
 - "{{ matrix_tls_cert_path | dirname }}"
 - "{{ matrix_tls_key_path | dirname }}"
 become: True
@@ -24,5 +25,11 @@
 - { src: "{{ matrix_tls_cert_source }}", dest: '{{ matrix_tls_cert_path }}', mode: '0750' }
 loop_control:
 label: "{{ item.dest }}"
+
+ - name: Create Diffie-Hellman Parameter
+ openssl_dhparam:
+ path: "{{ matrix_tls_dhparam_path }}"
+ size: "{{ matrix_tls_dhparam_size }}"
+ when: matrix_tls_dhparam_path is defined
 become: True
 become_user: "{{ matrix_user }}"
diff --git a/templates/opt/matrix/config/homeserver.yml.j2 b/templates/opt/matrix/config/homeserver.yml.j2
index b554451..5dc90d2 100644
--- a/templates/opt/matrix/config/homeserver.yml.j2
+++ b/templates/opt/matrix/config/homeserver.yml.j2
@@ -9,7 +9,7 @@
 {% if matrix_tls_enabled %}
 tls_certificate_path: "{{ matrix_tls_cert_path }}"
 tls_private_key_path: "{{ matrix_tls_key_path }}"
-#tls_dh_params_path: "{{ matrix_conf_dir }}/matrix.example.com.tls.dh"
+tls_dh_params_path: "{{ matrix_tls_dhparam_path }}"
 no_tls: False
 {% else %}
 no_tls: True
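Review bot: The two new defaults carry no comment saying what they control or what changing them costs, unlike a reader would expect for a value that drives key generation on the target. Above `matrix_tls_dhparam_path` I would add `# Diffie-Hellman parameters for TLS key exchange; generated on the host by tasks/tls.yml (openssl_dhparam)`, and above `matrix_tls_dhparam_size` add `# 2048 is the commonly accepted minimum; larger sizes make generation markedly slower on first run`. Since the file already quotes the path values, the integer size is fine unquoted, but it is worth noting in the comment that the module only regenerates the file when the size changes, so lowering it does not shrink an existing file unless that behaviour is confirmed for the Ansible version in use.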
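Review bot: The new `Create Diffie-Hellman Parameter` task is inserted between the copy task's `loop_control` block and its `become: True` / `become_user` context lines, so by YAML nesting those two lines now belong to the new task and the certificate copy task no longer runs with privilege escalation; indentation is collapsed in this view, so confirm in the file, but the hunk order admits no other reading. Move the task after `become_user` and give it its own `become`/`become_user` (the head of the copy task starts outside the hunk). Separately, `when: matrix_tls_dhparam_path is defined` is always true now that defaults/main.yml sets the variable, so it guards nothing; unless tasks/tls.yml is only included when `matrix_tls_enabled` is true, `when: matrix_tls_enabled` is the condition that matters. `openssl_dhparam` also needs either the `openssl` binary or the `cryptography` library on the target depending on the Ansible version, which the role's requirements should state.

```yaml
    loop_control:
      label: "{{ item.dest }}"
    become: True
    become_user: "{{ matrix_user }}"

  - name: Create Diffie-Hellman Parameter
    openssl_dhparam:
      path: "{{ matrix_tls_dhparam_path }}"
      size: "{{ matrix_tls_dhparam_size }}"
    when: matrix_tls_enabled
    become: True
    become_user: "{{ matrix_user }}"
```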
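Review bot: `tls_dh_params_path` is now rendered unconditionally whenever `matrix_tls_enabled` is true, while the task in tasks/tls.yml that produces the file is guarded by `when: matrix_tls_dhparam_path is defined`; the two conditions should match, otherwise a configuration can name a DH file that was never generated and Synapse will refuse to start. Either drop the task guard, since the variable has a default, or mirror it here: `{% if matrix_tls_dhparam_path is defined %}` / `tls_dh_params_path: "{{ matrix_tls_dhparam_path }}"` / `{% endif %}`. Synapse reads this file at startup, so the dhparam task must also run before any handler that restarts the service; that ordering is not visible in this diff and is worth checking.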