diff options
author | Peter Palfrader <peter@palfrader.org> | 2014-04-23 05:44:33 +0000 |
---|---|---|
committer | weasel <weasel@bc3d92e2-beff-0310-a7cd-cc87d7ac0ede> | 2014-04-23 05:44:33 +0000 |
commit | c5a0a6507d822e40e8417b54dbd33fc75065540c (patch) | |
tree | 8226854ee0a3747f721570e7ca464db5ffb7cf5d | |
parent | 946f94ab801d84a4a19a11c5af35e534d11ae252 (diff) |
larger keys
git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@671 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede
-rwxr-xr-x | Generate | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -174,7 +174,7 @@ def check_ca opensslcnf.close ENV['CN'] = 'ca'+'.'+$config['cadndomain'] - sys("openssl req -batch -days 3650 -nodes -new -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ") + sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:4096 -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ") File.chmod(0600, "CA/keys/ca.key") == 1 or throw "Cannot chmod CA/keys/ca.key" index=File.new('CA/keys/index.txt', "w") @@ -197,7 +197,7 @@ def build_key(cn) return true if FileTest.exists?("CA/keys/#{cn}.p12") ENV['CN'] = cn - sys("openssl req -batch -days 3650 -nodes -new -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ") + sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:3072 -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ") sys("openssl ca -batch -days 3650 -out CA/keys/#{cn}.crt -in CA/keys/#{cn}.csr -config CA/openssl.cnf ") File.chmod(0600, "CA/keys/#{cn}.key") == 1 or throw "Cannot chmod CA/keys/#{cn}.key" sys("openssl pkcs12 -passout pass: -export -in CA/keys/#{cn}.crt -inkey CA/keys/#{cn}.key -certfile CA/keys/ca.crt -out CA/keys/#{cn}.p12") |