Doron Fediuck has posted comments on this change. Change subject: packaging: Updated default encryption key size to 2048 (#800397) ......................................................................
Patch Set 1: (2 inline comments) Hi Alex, In order to verify it, please make sure to check all the way; ie- you should (at least) install a vdsm host as well, as it uses some of the files you changed here. I suspect you have a few more places you'll need to update, such as the scripts that generate CSR in the hosts (node and standard platforms). .................................................... File backend/manager/conf/ca/cert.template Line 4: default_bits = rsa:2048 IIRC, this is relevant to the backend and host certificate requests (and not the CA). Did you check the request generated in the host matches this policy? What happens if not? .................................................... File backend/manager/conf/ca/CreateReq.sh Line 51: openssl req -newkey rsa:2048 -config cert.conf -out requests/$5.req -keyout keys/$5.pem I do not think this line is being used.... Care to verify it? -- To view, visit http://gerrit.ovirt.org/4389 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Iaf749134b31665659475c5ef8d8670f88c10bab6 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alex Lourie <[email protected]> Gerrit-Reviewer: Alex Lourie <[email protected]> Gerrit-Reviewer: Doron Fediuck <[email protected]> Gerrit-Reviewer: Ofer Schreiber <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
