Updated PKI certificate crypto strength in cert example

Updated PKI generation example to comply with current best practices. Changed key size to 4096 and hash to sha256. Updated both XML and RST. Change-Id: I3d0cb977c87c3fe2c22b63c0790bb06f6215ada2 Closes-Bug: #1480313
2015-07-31 09:28:15 -07:00 · 2015-07-31 09:28:15 -07:00 · 267bca2f5a
commit 267bca2f5a
parent b76ccd0c64
2 changed files with 4 additions and 4 deletions
--- a/doc/admin-guide-cloud-rst/source/keystone_certificates_for_pki.rst
+++ b/doc/admin-guide-cloud-rst/source/keystone_certificates_for_pki.rst
@ -136,9 +136,9 @@ Create a certificate request configuration file. For example, create the
   :linenos:

   [ req ]
-   default_bits            = 1024
+   default_bits            = 4096
   default_keyfile         = keystonekey.pem
-   default_md              = sha1
+   default_md              = sha256

   prompt                  = no
   distinguished_name      = distinguished_name
--- a/doc/common/section_keystone_certificates-for-pki.xml
+++ b/doc/common/section_keystone_certificates-for-pki.xml
@ -172,9 +172,9 @@ SrWY8lF3HrTcJT23sZIleg==</screen>
            example, create the <filename>cert_req.conf</filename>
            file, as follows:</para>
        <programlisting language="ini">[ req ]
-default_bits            = 1024
+default_bits            = 4096
 default_keyfile         = keystonekey.pem
-default_md              = sha1
+default_md              = sha256

 prompt                  = no
 distinguished_name      = distinguished_name