Change generated private key length to 2048 bits.
This commit is contained in:
parent
3ca95632e0
commit
b0724c97ea
|
@ -30,7 +30,7 @@ init() {
|
||||||
if [ ! -f $PREFIX/files/ca/serial ]; then echo 01 > $PREFIX/ca/serial; fi
|
if [ ! -f $PREFIX/files/ca/serial ]; then echo 01 > $PREFIX/ca/serial; fi
|
||||||
|
|
||||||
$OPENSSL dhparam -out $PREFIX/ca/dh1024.pem 1024
|
$OPENSSL dhparam -out $PREFIX/ca/dh1024.pem 1024
|
||||||
$OPENSSL genrsa -out $PREFIX/ca/private.key 1024
|
$OPENSSL genrsa -out $PREFIX/ca/private.key 2048
|
||||||
|
|
||||||
$OPENSSL req \
|
$OPENSSL req \
|
||||||
-config $CONFFILE \
|
-config $CONFFILE \
|
||||||
|
@ -61,13 +61,13 @@ create() {
|
||||||
mkdir $DIR
|
mkdir $DIR
|
||||||
|
|
||||||
# generate private key
|
# generate private key
|
||||||
$OPENSSL genrsa -out $DIR/$cn.key 1024
|
$OPENSSL genrsa -out $DIR/$cn.key 2048
|
||||||
|
|
||||||
# generate csr req
|
# generate csr req
|
||||||
$OPENSSL req \
|
$OPENSSL req \
|
||||||
-new -days 1000 \
|
-new -days 1000 \
|
||||||
-config $CONFFILE \
|
-config $CONFFILE \
|
||||||
-newkey rsa:1024 \
|
-newkey rsa:2048 \
|
||||||
-nodes \
|
-nodes \
|
||||||
-keyout $DIR/$cn.key \
|
-keyout $DIR/$cn.key \
|
||||||
-out $DIR/$cn.csr
|
-out $DIR/$cn.csr
|
||||||
|
|
Loading…
Reference in a new issue