diff --git a/man/freedombone-addcert.1.gz b/man/freedombone-addcert.1.gz
index ad66eaca..1fb9de86 100644
Binary files a/man/freedombone-addcert.1.gz and b/man/freedombone-addcert.1.gz differ
diff --git a/src/freedombone-addcert b/src/freedombone-addcert
index ebc00385..e4093a8b 100755
--- a/src/freedombone-addcert
+++ b/src/freedombone-addcert
@@ -36,6 +36,7 @@ ORGANISATION="Freedombone"
 UNIT="Freedombone Unit"
 EXTENSIONS=""
 NODH=
+DH_KEYLENGTH=1024
 function show_help {
 echo ''
@@ -51,6 +52,7 @@ function show_help {
 echo ' -l --location [locn] Optional location name'
 echo ' -o --organisation [name] Optional organisation name'
 echo ' -u --unit [name] Optional unit name'
+ echo ' --dhkey [bits] DH key length in bits'
 echo ' --nodh "" Do not calculate DH params'
 echo ' --ca "" Certificate authority cert'
 echo ''
@@ -98,6 +100,10 @@ case $key in
 shift
 NODH="true"
 ;;
+ --dhkey)
+ shift
+ DH_KEYLENGTH=${1}
+ ;;
 *)
 # unknown option
 ;;
@@ -125,7 +131,7 @@ openssl req -x509 $EXTENSIONS -nodes -days 3650 -sha256 \
 -newkey rsa:4096 -keyout /etc/ssl/private/$CERTFILE.key \
 -out /etc/ssl/certs/$CERTFILE.crt
 if [ ! $NODH ]; then
- openssl dhparam -check -text -5 1024 -out /etc/ssl/certs/$CERTFILE.dhparam
+ openssl dhparam -check -text -5 $DH_KEYLENGTH -out /etc/ssl/certs/$CERTFILE.dhparam
 fi
 chmod 400 /etc/ssl/private/$CERTFILE.key
 chmod 640 /etc/ssl/certs/$CERTFILE.crt
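Review bot: The new default `DH_KEYLENGTH=1024` in the first hunk leaves every caller that omits `--dhkey` on 1024-bit Diffie-Hellman parameters, below the 2048-bit minimum generally recommended since the Logjam research. It is also out of proportion to the 4096-bit RSA key the same script generates (`-newkey rsa:4096` in the last hunk). Since the size is now configurable, consider raising the default to `DH_KEYLENGTH=2048`, with a comment that larger sizes take longer to generate on small boards, which is presumably why 1024 was chosen. The `--dhkey` help line added in the second hunk should also state the default and the recommended minimum, so that an operator lowering the value does so knowingly.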
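Review bot: The `--dhkey` arm in the third hunk stores `${1}` unchecked, so a missing or non-numeric value reaches `openssl dhparam` in the last hunk, where `$DH_KEYLENGTH` is expanded unquoted. An empty value drops out of the command line and OpenSSL silently uses its own built-in size, which is version-dependent and on older releases is, as far as I recall, smaller than the 1024 bits this script used before; a value with whitespace is split into extra openssl arguments. Reject anything that is not a plain bit count at parse time, as sketched below, and quote the expansion at the call site: `openssl dhparam -check -text -5 "$DH_KEYLENGTH" -out "/etc/ssl/certs/$CERTFILE.dhparam"`. The enclosing `case` and option loop start and end outside this hunk, so the exit path and message style should follow the rest of the parser.

```shell
    --dhkey)
    shift
    # Accept only a plain decimal bit count; an empty or malformed value
    # must not fall through to openssl's version-dependent default.
    case "${1}" in
        ''|*[!0-9]*)
            echo "--dhkey requires a numeric key length in bits" >&2
            exit 1
            ;;
    esac
    DH_KEYLENGTH=${1}
    ;;
```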