Skip to content

Commit 14403ba

Browse files
M03EDM03ED
committed
feat(certificates): switch to EC key generation for server and client certificates
1 parent c7d9ca5 commit 14403ba

1 file changed

Lines changed: 14 additions & 8 deletions

File tree

Makefile

Lines changed: 14 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -65,17 +65,23 @@ SAN ?= DNS:localhost,IP:127.0.0.1
6565

6666
generate_server_cert:
6767
mkdir -p ./certs
68-
openssl req -x509 -newkey rsa:4096 -keyout ./certs/ssl_key.pem \
69-
-out ./certs/ssl_cert.pem -days 36500 -nodes \
70-
-subj "/CN=$(CN)" \
71-
-addext "subjectAltName = $(SAN)"
68+
openssl req -x509 -newkey ec \
69+
-pkeyopt ec_paramgen_curve:P-256 \
70+
-keyout ./certs/ssl_key.pem \
71+
-out ./certs/ssl_cert.pem \
72+
-days 3650 -nodes \
73+
-subj "/CN=$(CN)" \
74+
-addext "subjectAltName = $(SAN)"
7275

7376
generate_client_cert:
7477
mkdir -p ./certs
75-
openssl req -x509 -newkey rsa:4096 -keyout ./certs/ssl_client_key.pem \
76-
-out ./certs/ssl_client_cert.pem -days 36500 -nodes \
77-
-subj "/CN=$(CN)" \
78-
-addext "subjectAltName = $(SAN)"
78+
openssl req -x509 -newkey ec \
79+
-pkeyopt ec_paramgen_curve:P-256 \
80+
-keyout ./certs/ssl_client_key.pem \
81+
-out ./certs/ssl_client_cert.pem \
82+
-days 3650 -nodes \
83+
-subj "/CN=$(CN)" \
84+
-addext "subjectAltName = $(SAN)"
7985

8086
UNAME_S := $(shell uname -s)
8187
UNAME_M := $(shell uname -m)

0 commit comments

Comments
 (0)