use 2048-bit RSA key with SHA-256 signature in dummy certificate

This commit is contained in:
Joe Orton 2014-02-28 17:45:18 +00:00
parent 6a627fd53c
commit 8efab6ad85

View File

@ -14,7 +14,7 @@
Summary: Apache HTTP Server Summary: Apache HTTP Server
Name: httpd Name: httpd
Version: 2.4.7 Version: 2.4.7
Release: 5%{?dist} Release: 6%{?dist}
URL: http://httpd.apache.org/ URL: http://httpd.apache.org/
Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2 Source0: http://www.apache.org/dist/httpd/httpd-%{version}.tar.bz2
Source1: index.html Source1: index.html
@ -469,7 +469,7 @@ if [ -f %{sslkey} -o -f %{sslcert} ]; then
exit 0 exit 0
fi fi
%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{sslkey} 2> /dev/null %{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 2048 > %{sslkey} 2> /dev/null
FQDN=`hostname` FQDN=`hostname`
if [ "x${FQDN}" = "x" ]; then if [ "x${FQDN}" = "x" ]; then
@ -477,7 +477,7 @@ if [ "x${FQDN}" = "x" ]; then
fi fi
cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \ cat << EOF | %{_bindir}/openssl req -new -key %{sslkey} \
-x509 -days 365 -set_serial $RANDOM -extensions v3_req \ -x509 -sha256 -days 365 -set_serial $RANDOM -extensions v3_req \
-out %{sslcert} 2>/dev/null -out %{sslcert} 2>/dev/null
-- --
SomeState SomeState
@ -626,6 +626,9 @@ rm -rf $RPM_BUILD_ROOT
%{_sysconfdir}/rpm/macros.httpd %{_sysconfdir}/rpm/macros.httpd
%changelog %changelog
* Fri Feb 28 2014 Joe Orton <jorton@redhat.com> - 2.4.7-6
- use 2048-bit RSA key with SHA-256 signature in dummy certificate
* Fri Feb 28 2014 Stephen Gallagher <sgallagh@redhat.com> 2.4.7-5 * Fri Feb 28 2014 Stephen Gallagher <sgallagh@redhat.com> 2.4.7-5
- Create drop directory for systemd snippets - Create drop directory for systemd snippets