KumiSystems/openwrtv3
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

package/uhttpd: generate 2048 bit RSA key

Browse source 
RSA keys should be generated with sufficient length.
Using 1024 bits is considered unsafe.
In other packages the used key length is 2048 bits.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

SVN-Revision: 48494
This commit is contained in:
Felix Fietkau 2016-01-25 17:42:25 +00:00
parent 57776e68ce
commit 565570cfd5
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
package/network/services/uhttpd/files/uhttpd.config
View file

@ -111,7 +111,7 @@ config cert px5g
option days 730 option days 730
# RSA key size # RSA key size
option bits 1024 option bits 2048
# Location # Location
option country ZZ option country ZZ

2
package/network/services/uhttpd/files/uhttpd.init
View file

@ -45,7 +45,7 @@ generate_keys() {
[ -x "$PX5G_BIN" ] && { [ -x "$PX5G_BIN" ] && {
$PX5G_BIN selfsigned -der \ $PX5G_BIN selfsigned -der \
-days ${days:-730} -newkey rsa:${bits:-1024} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \ -days ${days:-730} -newkey rsa:${bits:-2048} -keyout "${UHTTPD_KEY}.new" -out "${UHTTPD_CERT}.new" \
-subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}" -subj /C="${country:-DE}"/ST="${state:-Saxony}"/L="${location:-Leipzig}"/CN="${commonname:-OpenWrt}"
sync sync
mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}" mv "${UHTTPD_KEY}.new" "${UHTTPD_KEY}"