diff --git a/templates/haproxy.cfg.j2 b/templates/haproxy.cfg.j2
index d32bb94..dfcdcca 100644
--- a/templates/haproxy.cfg.j2
+++ b/templates/haproxy.cfg.j2
@@ -12,7 +12,8 @@ global
 master-worker
 ca-base /etc/ssl/certs
 crt-base /etc/ssl/private
- # https://ssl-config.mozilla.org/#server=haproxy&version=2.2&config=intermediate&openssl=1.1.1d&guideline=5.6 tune.ssl.default-dh-param 2048
+ # https://ssl-config.mozilla.org/#server=haproxy&version=2.2&config=intermediate&openssl=1.1.1d&guideline=5.6
+ tune.ssl.default-dh-param 2048
 ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
 ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
 ssl-default-bind-options prefer-client-ciphers no-sslv3 no-tlsv10 no-tlsv11 no-tls-tickets
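Review bot: The comment above `tune.ssl.default-dh-param 2048` is still only a URL, so nothing tells the next editor that the directive must stay on its own line; on the removed line it sat inside the `#` comment and was therefore never applied. The cipher list in the following context line keeps `DHE-RSA-AES128-GCM-SHA256` and `DHE-RSA-AES256-GCM-SHA384`, so the DH size matters for those suites, and I would add a line such as `# DH group size for the DHE-RSA suites below; keep on its own line, outside the comment`. It would also help to validate the rendered template with `haproxy -c -f <rendered file>` in CI, which presumably would have flagged the unset parameter as a warning; confirm that for the HAProxy version deployed. The `global` section begins and ends outside this hunk.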