From 1b14161a0e5e6cd052e65cea2617b7a6df9071aa Mon Sep 17 00:00:00 2001 From: Daniel Barlow Date: Mon, 20 Oct 2025 23:45:53 +0100 Subject: [PATCH] modern openssl needs rsa key >= 2048 per https://docs.openssl.org/3.3/man3/SSL_CTX_set_security_level/#default-callback-behaviour the default "security level" in openssl 3.3 is 2 --- pkgs/certifix-client/certifix-client.fnl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/certifix-client/certifix-client.fnl b/pkgs/certifix-client/certifix-client.fnl index 13a2d3a..9f73fc9 100644 --- a/pkgs/certifix-client/certifix-client.fnl +++ b/pkgs/certifix-client/certifix-client.fnl @@ -53,7 +53,7 @@ (local options (parse-args arg)) (fn private-key [] - (pkey.new { :type :rsa :bits 1024 })) + (pkey.new { :type :rsa :bits 2048 })) (fn signing-request [pk] (doto (csr.new)