diff options
Diffstat (limited to 'keystone')
| -rw-r--r-- | keystone/common/config.py | 2 | ||||
| -rw-r--r-- | keystone/common/openssl.py | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/keystone/common/config.py b/keystone/common/config.py index e2f5055a7..5ff0f4bb3 100644 --- a/keystone/common/config.py +++ b/keystone/common/config.py @@ -245,7 +245,7 @@ def configure(): default="/etc/keystone/ssl/certs/ca.pem") register_str('ca_key', group='signing', default="/etc/keystone/ssl/certs/cakey.pem") - register_int('key_size', group='signing', default=1024) + register_int('key_size', group='signing', default=2048) register_int('valid_days', group='signing', default=3650) register_str('ca_password', group='signing', default=None) register_str('cert_subject', group='signing', diff --git a/keystone/common/openssl.py b/keystone/common/openssl.py index 3e08ed1ef..47ac5aa69 100644 --- a/keystone/common/openssl.py +++ b/keystone/common/openssl.py @@ -197,7 +197,7 @@ new_certs_dir = $dir serial = $dir/serial database = $dir/index.txt default_days = 365 -default_md = sha1 +default_md = default # use public key default MD preserve = no email_in_dn = no nameopt = default_ca @@ -215,7 +215,7 @@ commonName = supplied emailAddress = optional [ req ] -default_bits = 1024 # Size of keys +default_bits = 2048 # Size of keys default_keyfile = key.pem # name of generated keys default_md = default # message digest algorithm string_mask = nombstr # permitted characters |