freeradius/freeradius-cert-config.patch
2011-10-03 15:04:20 -04:00

63 lines
2.3 KiB
Diff

diff -r -u freeradius-server-2.1.12.orig/raddb/certs/ca.cnf freeradius-server-2.1.12/raddb/certs/ca.cnf
--- freeradius-server-2.1.12.orig/raddb/certs/ca.cnf 2011-09-07 06:59:21.000000000 -0400
+++ freeradius-server-2.1.12/raddb/certs/ca.cnf 2011-09-07 10:28:28.000000000 -0400
@@ -14,9 +14,9 @@
RANDFILE = $dir/.rand
name_opt = ca_default
cert_opt = ca_default
-default_days = 365
+default_days = 60
default_crl_days = 30
-default_md = md5
+default_md = sha1
preserve = no
policy = policy_match
diff -r -u freeradius-server-2.1.12.orig/raddb/certs/client.cnf freeradius-server-2.1.12/raddb/certs/client.cnf
--- freeradius-server-2.1.12.orig/raddb/certs/client.cnf 2011-09-07 06:59:21.000000000 -0400
+++ freeradius-server-2.1.12/raddb/certs/client.cnf 2011-09-07 10:28:28.000000000 -0400
@@ -14,9 +14,9 @@
RANDFILE = $dir/.rand
name_opt = ca_default
cert_opt = ca_default
-default_days = 365
+default_days = 60
default_crl_days = 30
-default_md = md5
+default_md = sha1
preserve = no
policy = policy_match
diff -r -u freeradius-server-2.1.12.orig/raddb/certs/server.cnf freeradius-server-2.1.12/raddb/certs/server.cnf
--- freeradius-server-2.1.12.orig/raddb/certs/server.cnf 2011-09-07 06:59:21.000000000 -0400
+++ freeradius-server-2.1.12/raddb/certs/server.cnf 2011-09-07 10:28:28.000000000 -0400
@@ -14,9 +14,9 @@
RANDFILE = $dir/.rand
name_opt = ca_default
cert_opt = ca_default
-default_days = 365
+default_days = 60
default_crl_days = 30
-default_md = md5
+default_md = sha1
preserve = no
policy = policy_match
diff -r -u freeradius-server-2.1.12.orig/raddb/eap.conf freeradius-server-2.1.12/raddb/eap.conf
--- freeradius-server-2.1.12.orig/raddb/eap.conf 2011-09-07 06:59:21.000000000 -0400
+++ freeradius-server-2.1.12/raddb/eap.conf 2011-09-07 10:28:28.000000000 -0400
@@ -281,7 +281,11 @@
# for the server to print out an error message,
# and refuse to start.
#
- make_cert_command = "${certdir}/bootstrap"
+ # Redhat RPM's run the bootstrap certificate creation
+ # as part of the RPM install (not upgrade), therefore
+ # the make_cert_command is commented out.
+ #
+ #make_cert_command = "${certdir}/bootstrap"
#
# Elliptical cryptography configuration
Only in freeradius-server-2.1.12/raddb: eap.conf.orig