diff --git a/debian/patches/12_dh2048.patch b/debian/patches/12_dh2048.patch
new file mode 100644
index 0000000..de08caa
--- /dev/null
+++ b/debian/patches/12_dh2048.patch
@@ -0,0 +1,31 @@
+diff -uNr nagios-nrpe.orig/src/nrpe.c nagios-nrpe/src/nrpe.c
+--- nagios-nrpe.orig/src/nrpe.c	2025-08-08 15:17:42.001151893 +0200
++++ nagios-nrpe/src/nrpe.c	2025-08-08 15:17:56.612997804 +0200
+@@ -40,11 +40,6 @@
+ #include "utils.h"
+ #include "acl.h"
+ 
+-#ifdef HAVE_SSL
+-# ifdef USE_SSL_DH
+-#  include "../include/dh.h"
+-# endif
+-#endif
+ #ifndef HAVE_ASPRINTF
+ extern int asprintf(char **ptr, const char *format, ...);
+ #endif
+@@ -453,9 +448,12 @@
+ 		}
+ 
+ #ifdef USE_SSL_DH
+-		dh = get_dh2048();
+-		SSL_CTX_set_tmp_dh(ctx, dh);
+-		DH_free(dh);
++		if (!SSL_CTX_set_dh_auto(ctx, 1))
++		{
++			SSL_CTX_free(ctx);
++			logit(LOG_ERR, "Error: Could not set automatic use of DH.");
++			exit(STATE_CRITICAL);
++		}
+ #endif
+ 	}
+