From a7b3907c5b31b2ff23d341493fb0c145ddf3c5b1 Mon Sep 17 00:00:00 2001
From: Benny Baumann <BenBE@geshi.org>
Date: Fri, 20 Jun 2014 16:43:10 +0200
Subject: [PATCH] Update key Generation Script to use stronger keys and no
 intermediate files

---
 doc/generateKeys.sh | 11 +++--------
 1 file changed, 3 insertions(+), 8 deletions(-)
 mode change 100644 => 100755 doc/generateKeys.sh

diff --git a/doc/generateKeys.sh b/doc/generateKeys.sh
old mode 100644
new mode 100755
index bbeda4f9..5ab40428
--- a/doc/generateKeys.sh
+++ b/doc/generateKeys.sh
@@ -1,11 +1,6 @@
 # this script generates a simple self-signed keypair
 
-openssl genrsa -des3 -passout pass:1 -out jetty.pass.key 2048
-openssl rsa -passin pass:1 -in jetty.pass.key -out jetty.key
-rm jetty.pass.key
-openssl req -new -key jetty.key -out jetty.csr -subj "/CN=jetty" -config selfsign.config
+openssl genrsa -nodes -out jetty.key 4096
+openssl req -new -key jetty.key -out jetty.csr -subj "/CN=localhost" -config selfsign.config
 openssl x509 -req -days 365 -in jetty.csr -signkey jetty.key -out jetty.crt
-rm jetty.csr
-openssl pkcs12 -inkey jetty.key -in jetty.crt -passout pass: -export -out ../config/keystore.pkcs12
-rm jetty.key
-rm jetty.crt
+openssl pkcs12 -inkey jetty.key -in jetty.crt -export -passout pass: -out ../config/keystore.pkcs12
-- 
2.39.2