summaryrefslogtreecommitdiff
path: root/src/certtool.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/certtool.c')
-rw-r--r--src/certtool.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/certtool.c b/src/certtool.c
index b312fca4bf..9da4318121 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -251,14 +251,18 @@ generate_private_key_int (void)
bits = get_bits (key_type);
fprintf (stderr, "Generating a %d bit %s private key...\n",
- get_bits (key_type), gnutls_pk_algorithm_get_name (key_type));
+ bits, gnutls_pk_algorithm_get_name (key_type));
if (info.quick_random == 0)
fprintf (stderr,
"This might take several minutes depending on availability of randomness"
" in /dev/random.\n");
- ret = gnutls_x509_privkey_generate (key, key_type, get_bits (key_type), 0);
+ if (bits > 1024 && key_type == GNUTLS_PK_DSA)
+ fprintf (stderr,
+ "Note that DSA keys with size over 1024 can only be used with TLS 1.2 or later.\n\n");
+
+ ret = gnutls_x509_privkey_generate (key, key_type,bits, 0);
if (ret < 0)
error (EXIT_FAILURE, 0, "privkey_generate: %s", gnutls_strerror (ret));
View Lorry Controller Status