diff options
-rwxr-xr-x | Generate | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -174,7 +174,7 @@ def check_ca opensslcnf.close ENV['CN'] = 'ca'+'.'+$config['cadndomain'] - sys("openssl req -batch -days 3650 -nodes -new -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ") + sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:4096 -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ") File.chmod(0600, "CA/keys/ca.key") == 1 or throw "Cannot chmod CA/keys/ca.key" index=File.new('CA/keys/index.txt', "w") @@ -197,7 +197,7 @@ def build_key(cn) return true if FileTest.exists?("CA/keys/#{cn}.p12") ENV['CN'] = cn - sys("openssl req -batch -days 3650 -nodes -new -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ") + sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:3072 -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ") sys("openssl ca -batch -days 3650 -out CA/keys/#{cn}.crt -in CA/keys/#{cn}.csr -config CA/openssl.cnf ") File.chmod(0600, "CA/keys/#{cn}.key") == 1 or throw "Cannot chmod CA/keys/#{cn}.key" sys("openssl pkcs12 -passout pass: -export -in CA/keys/#{cn}.crt -inkey CA/keys/#{cn}.key -certfile CA/keys/ca.crt -out CA/keys/#{cn}.p12") |