RPJosh
/
wayvnc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pios-control: wayvnc-generate-keys: Use ECDSA instead of RSA for TLS

pios
Andri Yngvason 2024-01-11 21:27:06 +00:00
parent 15167528af
commit 29e503117c
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
pios-control/usr/sbin/wayvnc-generate-keys.sh
View File

@ -19,8 +19,9 @@ generate_tls_creds()
KEY_FILE="$WAYVNC_CONFIG_PATH/tls_key.pem" KEY_FILE="$WAYVNC_CONFIG_PATH/tls_key.pem"
CERT_FILE="$WAYVNC_CONFIG_PATH/tls_cert.pem" CERT_FILE="$WAYVNC_CONFIG_PATH/tls_cert.pem"
HOSTNAME=$(cat /etc/hostname) HOSTNAME=$(cat /etc/hostname)
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \ openssl req -x509 -newkey ec -pkeyopt ec_paramgen_curve:secp384r1 \
-keyout "$KEY_FILE" -out "$CERT_FILE" -subj /CN=$HOSTNAME \ -sha384 -days 3650 -nodes -keyout "$KEY_FILE" \
-out "$CERT_FILE" -subj /CN=$HOSTNAME \
-addext subjectAltName=DNS:localhost,DNS:$HOSTNAME,DNS:$HOSTNAME.local 2>/dev/null -addext subjectAltName=DNS:localhost,DNS:$HOSTNAME,DNS:$HOSTNAME.local 2>/dev/null
chown root:vnc "$KEY_FILE" "$CERT_FILE" chown root:vnc "$KEY_FILE" "$CERT_FILE"
chmod 640 "$KEY_FILE" "$CERT_FILE" chmod 640 "$KEY_FILE" "$CERT_FILE"