From 325aa1e1f4b1948fe3dbd1bb6c65d056b1bebe29 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 12 Dec 2013 21:18:56 +0100
Subject: [PATCH] httpscert: Increase size of the RSA key to 4096.

RSA keys with length of 1024 bits are considered weak.
---
 src/scripts/httpscert | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/scripts/httpscert b/src/scripts/httpscert
index ff48b602e0..d0e23fa7f8 100644
--- a/src/scripts/httpscert
+++ b/src/scripts/httpscert
@@ -8,7 +8,7 @@ case "$1" in
   new)
 	if [ ! -f /etc/httpd/server.key ]; then
 		echo "Generating https server key."
-		/usr/bin/openssl genrsa -out /etc/httpd/server.key 1024
+		/usr/bin/openssl genrsa -out /etc/httpd/server.key 4096
 	fi
 	echo "Generating CSR"
 	/bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \
-- 
2.39.5