update taoCerts.txt to use 1024 RSA by default, SHA1 instead of MD5

2014-06-20 10:16:07 -06:00 · 2014-06-20 10:16:07 -06:00 · 544c86b8e4
commit 544c86b8e4
parent 9642902c07
1 changed files with 5 additions and 5 deletions
--- a/certs/taoCert.txt
+++ b/certs/taoCert.txt
@ -1,11 +1,11 @@

 ***** Create a self signed cert ************

-1) openssl genrsa 512 > client-key.pem
+1) openssl genrsa 1024 > client-key.pem

-2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem
+2) openssl req -new -x509 -nodes -sha1 -days 1000 -key client-key.pem > client-cert.pem

-3) note sha1 would be -sha1
+3) note md5 would be -md5

 -- adding metadata to beginning

@ -21,13 +21,13 @@ same as self signed, use ca prefix instead of client

 ***** Create a cert signed by CA **************

-1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem
+1) openssl req -newkey rsa:1024 -sha1 -days 1000 -nodes -keyout server-key.pem > server-req.pem

 * note if using exisitng key do: -new -key keyName

 2) copy ca-key.pem ca-cert.srl   (why ????)

-3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+3) openssl x509 -req -in server-req.pem -days 1000 -sha1 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem


 ***** Adding Subject Key ID and Authentication Key ID extensions to a cert *****