diff --git a/trunk/PKGBUILD b/trunk/PKGBUILD
index 61ce7c4..e1e92d5 100644
--- a/trunk/PKGBUILD
+++ b/trunk/PKGBUILD
@@ -3,8 +3,8 @@
 # Contributor: Dale Blount
 pkgname=nrpe
-pkgver=4.0.3
-pkgrel=2
+pkgver=4.1.0
+pkgrel=1
 pkgdesc="Nagios Remote Plugin Executor"
 arch=('x86_64')
 license=('GPL')
@@ -15,13 +15,20 @@ install=$pkgname.install
 backup=('etc/nrpe/nrpe.cfg' 'etc/xinetd.d/nrpe')
 url="https://github.com/NagiosEnterprises/nrpe"
 source=(https://github.com/NagiosEnterprises/nrpe/releases/download/$pkgname-$pkgver/$pkgname-$pkgver.tar.gz
- nrpe.sysusers)
-md5sums=('42252d3c721c87ebb5e38b748f187e8d'
- '079d1f8c06598303be95151a8985927b')
+ nrpe.sysusers
+ nrpe-4.1.0-reproducible-dh.patch) #https://bugs.debian.org/834857
+md5sums=('ace32f8d41e9b9138ea5d40b8beed274'
+ '079d1f8c06598303be95151a8985927b'
+ 'ff723b50389d55203e8ec4e8c6a1c1c3')
-build() {
+prepare() {
 cd $pkgname-$pkgver
+ patch -p1 -i ../nrpe-4.1.0-reproducible-dh.patch
+ autoconf -f
+}
+build() {
+ cd $pkgname-$pkgver
 ./configure \
 --prefix=/usr \
 --sysconfdir=/etc/nrpe \
diff --git a/trunk/nrpe-4.1.0-reproducible-dh.patch b/trunk/nrpe-4.1.0-reproducible-dh.patch
new file mode 100644
index 0000000..56db84e
--- /dev/null
+++ b/trunk/nrpe-4.1.0-reproducible-dh.patch
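Review bot: The new upstream tarball and the added nrpe-4.1.0-reproducible-dh.patch are pinned only by `md5sums`, and MD5 is not collision-resistant, so these entries catch a corrupted download but are weak evidence against a deliberately substituted source. Since the second PKGBUILD hunk rewrites the whole array anyway, I would switch it to `sha256sums=(` (or `b2sums=(`), regenerated with `makepkg -g` from a tarball that was checked out of band. In `prepare()`, `patch -p1 -i ../nrpe-4.1.0-reproducible-dh.patch` depends on the current directory; `patch -p1 -i "$srcdir/nrpe-4.1.0-reproducible-dh.patch"` is the more robust form. The body of `build()` continues past the end of the hunk.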
@@ -0,0 +1,61 @@
+diff --git a/macros/ax_nagios_get_ssl b/macros/ax_nagios_get_ssl
+index 2b94b9d..080c716 100644
+--- a/macros/ax_nagios_get_ssl
++++ b/macros/ax_nagios_get_ssl
+@@ -290,23 +290,11 @@ if test x$SSL_TYPE != xNONE; then
+ if test x$need_dh = xyes; then
+ AC_PATH_PROG(sslbin,openssl,value-if-not-found,$ssl_dir/sbin$PATH_SEPARATOR$ssl_dir/bin$PATH_SEPARATOR$PATH)
+ AC_DEFINE(USE_SSL_DH)
+- # Generate DH parameters
+ if test -f "$sslbin"; then
+- echo ""
+- echo "*** Generating DH Parameters for SSL/TLS ***"
+- # OpenSSL 3 removes dhparam -C
+- # check version and use our own parser if needed
+ nagios_ssl_major_version=`$sslbin version | cut -d' ' -f2 | cut -d. -f1`
+
+- test -d include || mkdir include
+ if test "x$nagios_ssl_major_version" = "x3"; then
+ AC_DEFINE_UNQUOTED(OPENSSL_V3,[1],[Have OpenSSL v3])
+- test -d src || mkdir src
+- $CC ${srcdir}/src/print_c_code.c -o src/print_c_code
+- $sslbin dhparam -text 2048 | ./src/print_c_code > include/dh.h
+- else
+- # awk to strip off meta data at bottom of dhparam output
+- $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h
+ fi
+ fi
+ fi
+diff --git a/src/nrpe.c b/src/nrpe.c
+index da50d40..b2b0f84 100644
+--- a/src/nrpe.c
++++ b/src/nrpe.c
+@@ -40,12 +40,6 @@
+ #include "utils.h"
+ #include "acl.h"
+
+-#ifdef HAVE_SSL
+-# ifdef USE_SSL_DH
+-# include "../include/dh.h"
+-# endif
+-#endif
+-
+ #ifndef HAVE_ASPRINTF
+ extern int asprintf(char **ptr, const char *format, ...);
+ #endif
+@@ -497,9 +491,12 @@ void init_ssl(void)
+ }
+
+ #ifdef USE_SSL_DH
+- dh = get_dh2048();
+- SSL_CTX_set_tmp_dh(ctx, dh);
+- DH_free(dh);
++ if (!SSL_CTX_set_dh_auto(ctx, 1))
++ {
++ SSL_CTX_free(ctx);
++ logit(LOG_ERR, "Error: Could not set automatic use of DH.");
++ exit(STATE_CRITICAL);
++ }
+ #endif
+ }
+
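Review bot: In the `init_ssl` hunk of the embedded patch, `SSL_CTX_set_dh_auto(ctx, 1)` no longer pins the DH group at 2048 bits. OpenSSL then derives the size from the certificate key or, for certificate-less (anonymous DH) suites, from the cipher strength and security level, which as far as I know can yield a 1024-bit group. Whether NRPE still negotiates anonymous DH is not visible here, so this should be checked against the configured cipher list; at minimum I would add a comment above the call such as `/* DH group is chosen by OpenSSL per handshake; size is no longer fixed at 2048 bits */`. The failure branch logs only a fixed string, and appending `ERR_error_string(ERR_get_error(), NULL)` to the `logit` message would make a failure diagnosable. `init_ssl` starts outside the hunk, so the declaration of `dh` (presumably unused after this change) cannot be checked from here.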