Use genpkey instead of genrsa to generate private keys

`genrsa` is being deprecated by openssl for a long time and `genpkey` do the same thing (and more) better so we might as well use it.
2022-04-06 12:14:19 +02:00 · 2022-04-06 12:14:19 +02:00 · 5ea07db20c
parent 692b50ebf9
commit 5ea07db20c
2 changed files with 3 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -11,6 +11,8 @@ This project does not follow semantic versioning.

 ### Changed

+* Use `genpkey` instead of `genrsa` to generate private keys.
+
 ### Deprecated

 ### Removed
--- a/make-csr.sh
+++ b/make-csr.sh
@ -126,7 +126,7 @@ openssl_key(){

    [ -w "${key_dir}" ] || error "Directory ${key_dir} is not writable"

-    "${OPENSSL_BIN}" genrsa -out "${key}" "${size}" 2> /dev/null
+    "${OPENSSL_BIN}" genpkey -algorithm RSA -pkeyopt "rsa_keygen_bits:${size}" -out "${key}" 2> /dev/null

    [ -r "${key}" ] || error "Something went wrong, ${key} has not been generated"
 }