Skip to content
This repository has been archived by the owner on Dec 7, 2022. It is now read-only.

Use 4096 bits on the auth CA instead of 2048. #2503

Merged
merged 1 commit into from Mar 31, 2016
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
Use 4096 bits on the auth CA instead of 2048.
  • Loading branch information
Randy Barlow committed Mar 30, 2016
commit 9f969b94c4b4f310865455d36db207de6cffebca
10 changes: 6 additions & 4 deletions server/bin/pulp-gen-ca-certificate
Expand Up @@ -30,9 +30,10 @@ CN=`hostname --fqdn`
ORG="PULP"

mkdir -p $TMP
chmod 700 $TMP

# create CA key
openssl genrsa -out $TMP/ca.key 2048 &> /dev/null
openssl genrsa -out $TMP/ca.key 4096 &> /dev/null

# create signing request
openssl req \
Expand All @@ -52,12 +53,13 @@ openssl x509 \
-out $TMP/ca.crt &> /dev/null

# install
cp $TMP/ca.key $CA_KEY
cp $TMP/ca.crt $CA_CRT
mv $TMP/ca.key $CA_KEY
mv $TMP/ca.crt $CA_CRT
rm $TMP/ca.req
chown root:apache $CA_KEY
chown root:apache $CA_CRT
chmod 640 $CA_KEY
chmod 640 $CA_CRT

# clean
rm -rf $TMP
rmdir $TMP