Fix website weak key exchange

The website uses a 2048 bit certificate, but when PFS ciphers are used(DHE), the key-exchange is limited to 1024 bits, because the DH parameters are configured to 1024 bits.

https://www.ssllabs.com/ssltest/analyze.html?d=torproject.org

(If it's possible, please enable OCSP stapling was well.)

Trac:
Username: UserUnknown