URL: https://github.com/freeipa/freeipa/pull/633 Author: frasertweedale Title: #633: Support 8192-bit RSA keys in default cert profile Action: opened
PR body: """ Update the caIPAserviceCert profile to accept 8192-bit RSA keys. Affects new installs only, because there is not yet a facility to update included profiles. Fixes: https://pagure.io/freeipa/issue/6319 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/633/head:pr633 git checkout pr633
From 7fdab4eda952daff8e31874497eaac2aaf6976b8 Mon Sep 17 00:00:00 2001 From: Fraser Tweedale <ftwee...@redhat.com> Date: Wed, 22 Mar 2017 15:06:16 +1100 Subject: [PATCH] Support 8192-bit RSA keys in default cert profile Update the caIPAserviceCert profile to accept 8192-bit RSA keys. Affects new installs only, because there is not yet a facility to update included profiles. Fixes: https://pagure.io/freeipa/issue/6319 --- install/share/profiles/caIPAserviceCert.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/share/profiles/caIPAserviceCert.cfg b/install/share/profiles/caIPAserviceCert.cfg index 6c5102f..1efd206 100644 --- a/install/share/profiles/caIPAserviceCert.cfg +++ b/install/share/profiles/caIPAserviceCert.cfg @@ -32,7 +32,7 @@ policyset.serverCertSet.2.default.params.startTime=0 policyset.serverCertSet.3.constraint.class_id=keyConstraintImpl policyset.serverCertSet.3.constraint.name=Key Constraint policyset.serverCertSet.3.constraint.params.keyType=RSA -policyset.serverCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096 +policyset.serverCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096,8192 policyset.serverCertSet.3.default.class_id=userKeyDefaultImpl policyset.serverCertSet.3.default.name=Key Default policyset.serverCertSet.4.constraint.class_id=noConstraintImpl
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code