docs: Change examples to generate 2048 bit RSA keys.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2711 44740490-163a-0410-bde0-09ae8108e29a

docs: Change examples to generate 2048 bit RSA keys.
976d0a0e · Olav Morken · 4b5a039f · 976d0a0e · 976d0a0e · 976d0a0e
Commit 976d0a0e authored 14 years ago by Olav Morken
--- a/docs/simplesamlphp-artifact-sp.txt
+++ b/docs/simplesamlphp-artifact-sp.txt
@@ -11,7 +11,7 @@ This is used for SSL client authentication when contacting the IdP.

 To generate a private key and certificate, you may use the `openssl` commandline utility:

-    openssl req -new -x509 -days 3652 -nodes -out sp.example.org.crt -keyout sp.example.org.pem
+    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out sp.example.org.crt -keyout sp.example.org.pem

 You can then add the private key and certificate to the SP configuration.
 When this is done, you can add the metadata of your SP to the IdP, and test the authentication.

--- a/docs/simplesamlphp-googleapps.txt
+++ b/docs/simplesamlphp-googleapps.txt
@@ -45,7 +45,7 @@ For test purposes, you can skip this section, and use the certificate included i

 Here is an example of openssl commands to generate a new key and a self signed certificate to use for signing SAML messages:

-    openssl genrsa -des3 -out googleappsidp.key 1024 
+    openssl genrsa -des3 -out googleappsidp.key 2048
    openssl rsa -in googleappsidp.key -out googleappsidp.pem
    openssl req -new -key googleappsidp.key -out googleappsidp.csr
    openssl x509 -req -days 9999 -in googleappsidp.csr -signkey googleappsidp.key -out googleappsidp.crt

--- a/docs/simplesamlphp-idp.txt
+++ b/docs/simplesamlphp-idp.txt
@@ -189,7 +189,7 @@ Here is an example of an `openssl`-command which can be used to generate a new p

 This key and certificate can be used to sign SAML messages:

-    openssl req -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
+    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem

 The certificate above will be valid for 10 years.


--- a/docs/simplesamlphp-sp.txt
+++ b/docs/simplesamlphp-sp.txt
@@ -51,7 +51,7 @@ Some Identity Providers / Federations may require that your Service Providers ho
 Create a self-signed certificate in the `cert/` directory.

 	cd cert
-	openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
+	openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem


 Then edit your `authsources.php` entry, and add references to your certificate:

--- a/docs/simplesamlphp-ukaccess.txt
+++ b/docs/simplesamlphp-ukaccess.txt
@@ -35,7 +35,7 @@ If you enable a certificate for your Service Provider, it may be able to sign re
 Create a self-signed certificate in the `cert/` directory.

 	cd cert
-	openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
+	openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem


 Then edit your `authsources.php` entry, and add references to your certificate: