]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
httpscert: Increase size of the RSA key to 4096.
authorMichael Tremer <michael.tremer@ipfire.org>
Thu, 12 Dec 2013 20:18:56 +0000 (21:18 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 12 Dec 2013 20:18:56 +0000 (21:18 +0100)
RSA keys with length of 1024 bits are considered weak.

src/scripts/httpscert

index ff48b602e09b23880d92120e9a1c6c7e3a87d116..d0e23fa7f8bdf784438b7c7d162226111be694cb 100644 (file)
@@ -8,7 +8,7 @@ case "$1" in
   new)
        if [ ! -f /etc/httpd/server.key ]; then
                echo "Generating https server key."
-               /usr/bin/openssl genrsa -out /etc/httpd/server.key 1024
+               /usr/bin/openssl genrsa -out /etc/httpd/server.key 4096
        fi
        echo "Generating CSR"
        /bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \