From c5a0a6507d822e40e8417b54dbd33fc75065540c Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 23 Apr 2014 05:44:33 +0000
Subject: larger keys

git-svn-id: svn+ssh://asteria.noreply.org/svn/weaselutils/trunk@671 bc3d92e2-beff-0310-a7cd-cc87d7ac0ede
---
 Generate | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Generate b/Generate
index e8f14b4..5dc6f5b 100755
--- a/Generate
+++ b/Generate
@@ -174,7 +174,7 @@ def check_ca
 	opensslcnf.close
 
 	ENV['CN'] = 'ca'+'.'+$config['cadndomain']
-	sys("openssl req -batch -days 3650 -nodes -new -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ")
+	sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:4096 -x509 -keyout CA/keys/ca.key -out CA/keys/ca.crt -config CA/openssl.cnf ")
 	File.chmod(0600, "CA/keys/ca.key") == 1 or throw "Cannot chmod CA/keys/ca.key"
 
 	index=File.new('CA/keys/index.txt', "w")
@@ -197,7 +197,7 @@ def build_key(cn)
 	return true if FileTest.exists?("CA/keys/#{cn}.p12")
 
 	ENV['CN'] = cn
-	sys("openssl req -batch -days 3650 -nodes -new -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ")
+	sys("openssl req -batch -days 3650 -nodes -new -newkey rsa:3072 -keyout CA/keys/#{cn}.key -out CA/keys/#{cn}.csr -config CA/openssl.cnf ")
 	sys("openssl ca  -batch -days 3650 -out CA/keys/#{cn}.crt -in CA/keys/#{cn}.csr -config CA/openssl.cnf ")
 	File.chmod(0600, "CA/keys/#{cn}.key") == 1 or throw "Cannot chmod CA/keys/#{cn}.key"
 	sys("openssl pkcs12 -passout pass: -export -in CA/keys/#{cn}.crt -inkey CA/keys/#{cn}.key -certfile CA/keys/ca.crt -out CA/keys/#{cn}.p12")
-- 
cgit v1.2.3