summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Palfrader <peter@palfrader.org>2014-04-23 05:44:33 +0000
committerweasel <weasel@bc3d92e2-beff-0310-a7cd-cc87d7ac0ede>2014-04-23 05:44:33 +0000
commitc5a0a6507d822e40e8417b54dbd33fc75065540c (patch)
tree8226854ee0a3747f721570e7ca464db5ffb7cf5d
parent946f94ab801d84a4a19a11c5af35e534d11ae252 (diff)
larger keys
git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@671 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede
-rwxr-xr-xGenerate4
1 files changed, 2 insertions, 2 deletions
diff --git a/Generate b/Generate
index e8f14b4..5dc6f5b 100755
--- a/Generate
+++ b/Generate
@@ -174,7 +174,7 @@ def check_ca
opensslcnf.close
ENV['CN'] = 'ca'+'.'+$config['cadndomain']
- sys("openssl req -batch -days 3650 -nodes -new -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ")
+ sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:4096 -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ")
File.chmod(0600, "CA/keys/ca.key") == 1 or throw "Cannot chmod CA/keys/ca.key"
index=File.new('CA/keys/index.txt', "w")
@@ -197,7 +197,7 @@ def build_key(cn)
return true if FileTest.exists?("CA/keys/#{cn}.p12")
ENV['CN'] = cn
- sys("openssl req -batch -days 3650 -nodes -new -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ")
+ sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:3072 -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ")
sys("openssl ca -batch -days 3650 -out CA/keys/#{cn}.crt -in CA/keys/#{cn}.csr -config CA/openssl.cnf ")
File.chmod(0600, "CA/keys/#{cn}.key") == 1 or throw "Cannot chmod CA/keys/#{cn}.key"
sys("openssl pkcs12 -passout pass: -export -in CA/keys/#{cn}.crt -inkey CA/keys/#{cn}.key -certfile CA/keys/ca.crt -out CA/keys/#{cn}.p12")