Skip to content

Commit d7a413c

Browse files
Jodie111JumpingYang001
Jodie111
and
JumpingYang001
authored
Update RSA key bit length to 3072. (#761)
Update RSA key bit length to 3072. Co-authored-by: Jumping Yang[Wicresoft] <v-zhenpy@microsoft.com>
1 parent 3566da8 commit d7a413c

File tree

1 file changed

+8
-1
lines changed

1 file changed

+8
-1
lines changed

Unix/installbuilder/datafiles/Base_OMI.data

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -403,7 +403,7 @@ EOF
403403
}
404404

405405
GenerateKeyCert() {
406-
$OPENSSL_PATH req -x509 -sha256 -newkey rsa:2048 -days 3650 -nodes -config $cnffile -keyout $keyfile -out $certfile
406+
$OPENSSL_PATH req -x509 -sha256 -newkey rsa:3072 -days 3650 -nodes -config $cnffile -keyout $keyfile -out $certfile
407407
}
408408

409409
HandleConfigFiles() {
@@ -465,6 +465,13 @@ DeleteUnsupportedCertificate() {
465465
echo "************************************************************"
466466
rm -rf $certdir*
467467
fi
468+
469+
if [ `$OPENSSL_PATH x509 -in $certfile -text | grep "Public-Key"| sed 's/[^0-9]*//g'` -lt 3072 ]; then
470+
echo "************************************************************"
471+
echo "* Deleting certificates whose public key is less than 3072 *"
472+
echo "************************************************************"
473+
rm -rf $certdir*
474+
fi
468475
fi
469476
}
470477

0 commit comments

Comments
 (0)