GithubFollow/One-KVM
1
0
Fork 0
mirror of https://github.com/mofeng-git/One-KVM.git synced 2025-12-12 01:00:29 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

moving to ecc

Browse Source
This commit is contained in:
Devaev Maxim 2020-07-08 03:28:02 +03:00
parent cb8ddaec47
commit 1afcfebc7f
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
scripts/kvmd-gencert
View File

@ -35,6 +35,11 @@ if [ "$1" != --do-the-thing ]; then
exit 1 exit 1
fi fi
# XXX: Why ECC?
# https://www.leaderssl.com/articles/345-what-is-ecc-and-why-you-should-use-it
# https://www.digitalocean.com/community/tutorials/how-to-create-an-ecc-certificate-on-nginx-for-debian-8
# https://msol.io/blog/tech/create-a-self-signed-ecc-certificate
set -x set -x
export LC_ALL=C export LC_ALL=C
@ -42,7 +47,8 @@ export LC_ALL=C
mkdir -p /etc/kvmd/nginx/ssl mkdir -p /etc/kvmd/nginx/ssl
cd /etc/kvmd/nginx/ssl cd /etc/kvmd/nginx/ssl
openssl req -new -x509 -nodes -newkey rsa:4096 -keyout server.key -out server.crt -days 3650 \ openssl ecparam -out server.key -name prime256v1 -genkey
openssl req -new -x509 -sha256 -nodes -key server.key -out server.crt -days 3650 \
-subj "/C=RU/ST=Moscow/L=Moscow/O=Pi-KVM/OU=Pi-KVM/CN=localhost" -subj "/C=RU/ST=Moscow/L=Moscow/O=Pi-KVM/OU=Pi-KVM/CN=localhost"
chown -R root:kvmd-nginx /etc/kvmd/nginx/ssl chown -R root:kvmd-nginx /etc/kvmd/nginx/ssl