mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-27 01:11:14 +00:00
package/uhttpd: generate 2048 bit RSA key
RSA keys should be generated with sufficient length. Using 1024 bits is considered unsafe. In other packages the used key length is 2048 bits. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> SVN-Revision: 48494
This commit is contained in:
parent
57776e68ce
commit
565570cfd5
@ -111,7 +111,7 @@ config cert px5g
|
|||||||
option days 730
|
option days 730
|
||||||
|
|
||||||
# RSA key size
|
# RSA key size
|
||||||
option bits 1024
|
option bits 2048
|
||||||
|
|
||||||
# Location
|
# Location
|
||||||
option country ZZ
|
option country ZZ
|
||||||
|
@ -45,7 +45,7 @@ generate_keys() {
|
|||||||
|
|
||||||
[ -x "$PX5G_BIN" ] && {
|
[ -x "$PX5G_BIN" ] && {
|
||||||
$PX5G_BIN selfsigned -der \
|
$PX5G_BIN selfsigned -der \
|
||||||
-days ${days:-730} -newkey rsa:${bits:-1024} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
|
-days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
|
||||||
-subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}"
|
-subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}"
|
||||||
sync
|
sync
|
||||||
mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"
|
mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"
|
||||||
|
Loading…
Reference in New Issue
Block a user