You are confusing things. There are two separate issues here:
- Your certificate was made using a 1024 bit key. This is easily rectified:
openssl genrsa -des3 -out privkey.pem 2048
creates a 2048 bit key, the rest of the procedure remains the same.
- Your webserver's encryption configuration is sub-standard: You have to move ciphers with Elliptic-Curve DH key exchange to the front of your preferred cipher list. You should push ciphers only included for backwards-compatibility to the back.
My Apache configuration currently looks like this:
SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
SSLCompression off
SSLHonorCipherOrder on
SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA"
This gives a full grade on Qualys SSL Server Test.
Please note that Apache 2.2 does not support Elliptic-Curve cryptography.