Changeset 2683 for trunk


Ignore:
Timestamp:
Mar 12, 2015, 4:17:43 AM (7 years ago)
Author:
andersk
Message:
install-howto: Update openssl commands for modern crypto

Just in case someone is looking here when generating a real
certificate for some reason.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/doc/install-howto.sh

    r2594 r2683  
    320320#   - You need a self-signed SSL cert or Apache will refuse to start
    321321#     or do SSL.  Generate with: (XXX recommended CN?)
    322     openssl req -new -x509 -keyout /etc/pki/tls/private/scripts.key -out /etc/pki/tls/certs/scripts-cert.pem -nodes
    323     ln -s /etc/pki/tls/private/scripts.key /etc/pki/tls/private/scripts-1024.key
     322    openssl req -new -x509 -sha256 -newkey rsa:2048 -keyout /etc/pki/tls/private/scripts.key -out /etc/pki/tls/certs/scripts-cert.pem -nodes
     323    ln -s /etc/pki/tls/private/scripts.key /etc/pki/tls/private/scripts-2048.key
    324324#     Also make the various public keys match up
    325325    openssl rsa -in /etc/pki/tls/private/scripts.key -pubout > /etc/pki/tls/certs/star.scripts.pem
Note: See TracChangeset for help on using the changeset viewer.