diff options
| author | Koichiro IWAO <meta@vmeta.jp> | 2016-11-16 17:24:26 +0900 |
|---|---|---|
| committer | Koichiro IWAO <meta@vmeta.jp> | 2016-11-16 17:24:26 +0900 |
| commit | 71960940163e248e0af20fdc3fcd782382d47622 (patch) | |
| tree | 3386cfa9f7ca4fee9e48ce494696776b5b627f0e | |
| parent | 9deaa078fccf15ff25846c25517988caf422b2d4 (diff) | |
| download | xrdp-proprietary-71960940163e248e0af20fdc3fcd782382d47622.tar.gz xrdp-proprietary-71960940163e248e0af20fdc3fcd782382d47622.zip | |
Do not create SHA-1 certificates anymore
as many systems in the world still default to create SHA-1 certs if
hash algorithm is not specified explicitly.
| -rw-r--r-- | keygen/Makefile.am | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/keygen/Makefile.am b/keygen/Makefile.am index 8cdea746..e77fe24e 100644 --- a/keygen/Makefile.am +++ b/keygen/Makefile.am @@ -19,7 +19,7 @@ xrdpsysconfdir = $(sysconfdir)/xrdp install-data-hook: umask 077 && \ if [ ! -f $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini ]; then ./xrdp-keygen xrdp $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini; fi && \ - if [ ! -f $(DESTDIR)$(xrdpsysconfdir)/cert.pem ]; then openssl req -x509 -newkey rsa:2048 -nodes -keyout $(DESTDIR)$(xrdpsysconfdir)/key.pem -out $(DESTDIR)$(xrdpsysconfdir)/cert.pem -days 365 -subj /C=US/ST=CA/L=Sunnyvale/O=xrdp/CN=www.xrdp.org; fi + if [ ! -f $(DESTDIR)$(xrdpsysconfdir)/cert.pem ]; then openssl req -x509 -newkey rsa:2048 -sha256 -nodes -keyout $(DESTDIR)$(xrdpsysconfdir)/key.pem -out $(DESTDIR)$(xrdpsysconfdir)/cert.pem -days 365 -subj /C=US/ST=CA/L=Sunnyvale/O=xrdp/CN=www.xrdp.org; fi uninstall-hook: rm -f $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini |