luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-06-01 20:32:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Expanded minimum RSA Keylength to 3072 (#26604)

Browse source 
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
This commit is contained in:
mainboarder 2023-08-28 02:53:16 +02:00 committed by GitHub
parent 2401e6e121
commit c533991519
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
10 changed files with 12 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/content/administration/command-line.zh-cn.md
View file

@ -295,7 +295,7 @@ menu:
- 选项:
- `--host value`逗号分隔的主机名和IP地址列表此证书适用于这些主机。支持使用通配符。必填。
- `--ecdsa-curve value`用于生成密钥的ECDSA曲线。可选。有效选项为P224、P256、P384、P521。
- `--rsa-bits value`要生成的RSA密钥的大小。可选。如果设置了--ecdsa-curve则忽略此选项。默认值2048)。
- `--rsa-bits value`要生成的RSA密钥的大小。可选。如果设置了--ecdsa-curve则忽略此选项。默认值3072)。
- `--start-date value`:证书的创建日期。可选。(格式:`Jan 1 15:04:05 2011`)。
- `--duration value`证书有效期。可选。默认值8760h0m0s
- `--ca`:如果提供此选项,则证书将生成自己的证书颁发机构。可选。