Commit eb10cb16 authored by guus's avatar guus

DSA and RSA key sizes should be configurable, and should have higher default values. (OF-377)

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@11782 b35dd754-fafc-0310-a699-88a17e54d16e
parent 4908903b
...@@ -123,7 +123,7 @@ public class CertificateManager { ...@@ -123,7 +123,7 @@ public class CertificateManager {
String subjectDN, String domain) String subjectDN, String domain)
throws GeneralSecurityException, IOException { throws GeneralSecurityException, IOException {
// Generate public and private keys // Generate public and private keys
KeyPair keyPair = generateKeyPair("DSA", 1024); KeyPair keyPair = generateKeyPair("DSA", JiveGlobals.getIntProperty("cert.dsa.keysize", 1024));
// Create X509 certificate with keys and specified domain // Create X509 certificate with keys and specified domain
X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1withDSA"); X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1withDSA");
// Store new certificate and private key in the keystore // Store new certificate and private key in the keystore
...@@ -161,7 +161,7 @@ public class CertificateManager { ...@@ -161,7 +161,7 @@ public class CertificateManager {
String subjectDN, String domain) String subjectDN, String domain)
throws GeneralSecurityException, IOException { throws GeneralSecurityException, IOException {
// Generate public and private keys // Generate public and private keys
KeyPair keyPair = generateKeyPair("RSA", 1024); KeyPair keyPair = generateKeyPair("RSA", JiveGlobals.getIntProperty("cert.rsa.keysize", 2048));
// Create X509 certificate with keys and specified domain // Create X509 certificate with keys and specified domain
X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1WITHRSAENCRYPTION"); X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1WITHRSAENCRYPTION");
// Store new certificate and private key in the keystore // Store new certificate and private key in the keystore
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment