From 976d0a0e2a96c0055541ba41f64918c812e8d6eb Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Wed, 12 Jan 2011 14:25:46 +0000
Subject: [PATCH] docs: Change examples to generate 2048 bit RSA keys.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2711 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-artifact-sp.txt | 2 +-
 docs/simplesamlphp-googleapps.txt  | 2 +-
 docs/simplesamlphp-idp.txt         | 2 +-
 docs/simplesamlphp-sp.txt          | 2 +-
 docs/simplesamlphp-ukaccess.txt    | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/docs/simplesamlphp-artifact-sp.txt b/docs/simplesamlphp-artifact-sp.txt
index c71b62acd..afcebcf0c 100644
--- a/docs/simplesamlphp-artifact-sp.txt
+++ b/docs/simplesamlphp-artifact-sp.txt
@@ -11,7 +11,7 @@ This is used for SSL client authentication when contacting the IdP.
 
 To generate a private key and certificate, you may use the `openssl` commandline utility:
 
-    openssl req -new -x509 -days 3652 -nodes -out sp.example.org.crt -keyout sp.example.org.pem
+    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out sp.example.org.crt -keyout sp.example.org.pem
 
 You can then add the private key and certificate to the SP configuration.
 When this is done, you can add the metadata of your SP to the IdP, and test the authentication.
diff --git a/docs/simplesamlphp-googleapps.txt b/docs/simplesamlphp-googleapps.txt
index 0ceaf1658..01019b913 100644
--- a/docs/simplesamlphp-googleapps.txt
+++ b/docs/simplesamlphp-googleapps.txt
@@ -45,7 +45,7 @@ For test purposes, you can skip this section, and use the certificate included i
 
 Here is an example of openssl commands to generate a new key and a self signed certificate to use for signing SAML messages:
 
-    openssl genrsa -des3 -out googleappsidp.key 1024 
+    openssl genrsa -des3 -out googleappsidp.key 2048
     openssl rsa -in googleappsidp.key -out googleappsidp.pem
     openssl req -new -key googleappsidp.key -out googleappsidp.csr
     openssl x509 -req -days 9999 -in googleappsidp.csr -signkey googleappsidp.key -out googleappsidp.crt
diff --git a/docs/simplesamlphp-idp.txt b/docs/simplesamlphp-idp.txt
index 3266397bf..4be6f07fa 100644
--- a/docs/simplesamlphp-idp.txt
+++ b/docs/simplesamlphp-idp.txt
@@ -189,7 +189,7 @@ Here is an example of an `openssl`-command which can be used to generate a new p
 
 This key and certificate can be used to sign SAML messages:
 
-    openssl req -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
+    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
 
 The certificate above will be valid for 10 years.
 
diff --git a/docs/simplesamlphp-sp.txt b/docs/simplesamlphp-sp.txt
index 864a14450..e229b1c1a 100644
--- a/docs/simplesamlphp-sp.txt
+++ b/docs/simplesamlphp-sp.txt
@@ -51,7 +51,7 @@ Some Identity Providers / Federations may require that your Service Providers ho
 Create a self-signed certificate in the `cert/` directory.
 
 	cd cert
-	openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
+	openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
 
 
 Then edit your `authsources.php` entry, and add references to your certificate:
diff --git a/docs/simplesamlphp-ukaccess.txt b/docs/simplesamlphp-ukaccess.txt
index fe07cc223..c2bee6c9a 100644
--- a/docs/simplesamlphp-ukaccess.txt
+++ b/docs/simplesamlphp-ukaccess.txt
@@ -35,7 +35,7 @@ If you enable a certificate for your Service Provider, it may be able to sign re
 Create a self-signed certificate in the `cert/` directory.
 
 	cd cert
-	openssl req -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
+	openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml.crt -keyout saml.pem
 
 
 Then edit your `authsources.php` entry, and add references to your certificate:
-- 
GitLab