diff options
author | Fraser Tweedale <ftweedal@redhat.com> | 2017-03-22 15:06:16 +1100 |
---|---|---|
committer | Tomas Krizek <tkrizek@redhat.com> | 2017-03-22 12:29:23 +0100 |
commit | 1530758475c2e21dd732581ff6816e03ca74dede (patch) | |
tree | 91b6c61a9ca1e67e755faeca72b4c733341b2bb2 | |
parent | 3ea2834b76a72c97186b01487e885800754c0fbc (diff) | |
download | freeipa-1530758475c2e21dd732581ff6816e03ca74dede.tar.gz freeipa-1530758475c2e21dd732581ff6816e03ca74dede.tar.xz freeipa-1530758475c2e21dd732581ff6816e03ca74dede.zip |
Support 8192-bit RSA keys in default cert profile
Update the caIPAserviceCert profile to accept 8192-bit RSA keys.
Affects new installs only, because there is not yet a facility to
update included profiles.
Fixes: https://pagure.io/freeipa/issue/6319
Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
-rw-r--r-- | install/share/profiles/caIPAserviceCert.cfg | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/install/share/profiles/caIPAserviceCert.cfg b/install/share/profiles/caIPAserviceCert.cfg index 6c5102f0d..1efd2066b 100644 --- a/install/share/profiles/caIPAserviceCert.cfg +++ b/install/share/profiles/caIPAserviceCert.cfg @@ -32,7 +32,7 @@ policyset.serverCertSet.2.default.params.startTime=0 policyset.serverCertSet.3.constraint.class_id=keyConstraintImpl policyset.serverCertSet.3.constraint.name=Key Constraint policyset.serverCertSet.3.constraint.params.keyType=RSA -policyset.serverCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096 +policyset.serverCertSet.3.constraint.params.keyParameters=1024,2048,3072,4096,8192 policyset.serverCertSet.3.default.class_id=userKeyDefaultImpl policyset.serverCertSet.3.default.name=Key Default policyset.serverCertSet.4.constraint.class_id=noConstraintImpl |