Commit ca5d6635 authored by Jacob Priddy's avatar Jacob Priddy 👌
Browse files

use rsa 2048 for door controllers cause they slow

parent 4d656fcc
Pipeline #12722 passed with stages
in 2 minutes and 59 seconds
......@@ -5,7 +5,10 @@ echo "Generating cert for domain: $1"
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
echo "Generating root certificate..."
openssl ecparam -out "${DIR}/certs/root.key" -name secp256r1 -genkey
# Need to generate RSA keys for speed. The ESP32 boards ssl handshake takes 4-5 seconds with ECDSA :(
# But 2 seconds for RSA 2048 keys
# openssl ecparam -out "${DIR}/certs/root.key" -name secp256r1 -genkey
openssl genrsa -out "${DIR}/certs/root.key" 2048
# First generate private key for the root certificate as well as a certificate request
openssl req -new -key "${DIR}/certs/root.key" -nodes -out "${DIR}/certs/root.csr" \
-subj "/C=US/ST=Washington/L=College Place/O=WWU/OU=$1 ROOT CA ISSUER/CN=$1"
......
......@@ -4,7 +4,10 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
echo "Generating webserver private key and certificate request..."
# Now generate a webserver certificate in the chain of the root
openssl ecparam -out "${DIR}/certs/webserver.key" -name secp256r1 -genkey
# Need to generate RSA keys for speed. The ESP32 boards ssl handshake takes 4-5 seconds with ECDSA :(
# But 2 seconds for RSA 2048 keys
# openssl ecparam -out "${DIR}/certs/webserver.key" -name secp256r1 -genkey
openssl genrsa -out "${DIR}/certs/webserver.key" 2048
openssl req -new -key "${DIR}/certs/webserver.key" -nodes \
-subj "/C=US/ST=Washington/L=College Place/O=WWU/CN=$1" \
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment