From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 12 Dec 2013 20:18:56 +0000 (+0100)
Subject: httpscert: Increase size of the RSA key to 4096.
X-Git-Tag: v2.13-core74~2
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=325aa1e1f4b1948fe3dbd1bb6c65d056b1bebe29

httpscert: Increase size of the RSA key to 4096.

RSA keys with length of 1024 bits are considered weak.
---

diff --git a/src/scripts/httpscert b/src/scripts/httpscert
index ff48b602e0..d0e23fa7f8 100644
--- a/src/scripts/httpscert
+++ b/src/scripts/httpscert
@@ -8,7 +8,7 @@ case "$1" in
   new)
 	if [ ! -f /etc/httpd/server.key ]; then
 		echo "Generating https server key."
-		/usr/bin/openssl genrsa -out /etc/httpd/server.key 1024
+		/usr/bin/openssl genrsa -out /etc/httpd/server.key 4096
 	fi
 	echo "Generating CSR"
 	/bin/cat /etc/certparams | sed "s/HOSTNAME/`hostname -f`/" | /usr/bin/openssl \