преди 10 години · 0de2445636
--- a/beaglebone.txt
+++ b/beaglebone.txt
@@ -2647,6 +2647,7 @@ UNIT="Freedombone Unit"
 
				 
			
 
				 openssl req \
			
 
				   -x509 -nodes -days 3650 \
			
 
				+  -sha256 \
			
 
				   -subj "/O=$ORGANISATION/OU=$UNIT/C=$COUNTRY_CODE/ST=$AREA/L=$LOCATION/CN=$HOSTNAME" \
			
 
				   -newkey rsa:2048 \
			
 
				   -keyout /etc/ssl/private/$HOSTNAME.key \
			
@@ -3420,7 +3421,7 @@ Create some ssl certificates:
 
				 #+BEGIN_SRC: bash
			
 
				 mkdir /home/ircserver/ircd/ssl
			
 
				 openssl genrsa -out /home/ircserver/ircd/ssl/ircd.key 4096
			
 
				-openssl req -new -x509 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
			
 
				+openssl req -new -x509 -sha256 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
			
 
				 #+END_SRC
			
 
				 
			
 
				 You will be asked for some details. The next step will take a few minutes to gather entropy, so go and do something else.
			
@@ -4031,7 +4032,7 @@ Generate a SSL certificate.
 
				 
			
 
				 #+BEGIN_SRC: bash
			
 
				 openssl genrsa -out /etc/ssl/private/xmpp.key 4096
			
 
				-openssl req -new -x509 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
			
 
				+openssl req -new -x509 -sha256 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
			
 
				 #+END_SRC
			
 
				 
			
 
				 Change permissions.
			
@@ -7818,7 +7819,7 @@ Recreate the XMPP certificate:
 
				 
			
 
				 #+BEGIN_SRC: bash
			
 
				 openssl genrsa -out /etc/ssl/private/xmpp.key 4096
			
 
				-openssl req -new -x509 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
			
 
				+openssl req -new -sha256 -x509 -key /etc/ssl/private/xmpp.key -out /etc/ssl/certs/xmpp.crt -days 3650
			
 
				 chmod 600 /etc/ssl/private/xmpp.key
			
 
				 chmod 600 /etc/ssl/certs/xmpp.crt
			
 
				 chown prosody:prosody /etc/ssl/private/xmpp.key
			
@@ -7829,7 +7830,7 @@ And regenerate the IRC server keys:
 
				 
			
 
				 #+BEGIN_SRC: bash
			
 
				 openssl genrsa -out /home/ircserver/ircd/ssl/ircd.key 4096
			
 
				-openssl req -new -x509 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
			
 
				+openssl req -new -x509 -sha256 -key /home/ircserver/ircd/ssl/ircd.key -out /home/ircserver/ircd/ssl/ircd.pem -days 3650
			
 
				 openssl dhparam -out /home/ircserver/ircd/ssl/dhparam.pem 1024
			
 
				 #+END_SRC
			
 
				 
			
@@ -7946,7 +7947,7 @@ mkdir /etc/ssl/requests
 
				 Now make a certificate request as follows.  You should copy and paste the whole of this, not just line by line.
			
 
				 
			
 
				 #+BEGIN_SRC: bash
			
 
				-openssl req -new -key /etc/ssl/private/$HOSTNAME.key -out /etc/ssl/requests/$HOSTNAME.csr
			
 
				+openssl req -new -sha256 -key /etc/ssl/private/$HOSTNAME.key -out /etc/ssl/requests/$HOSTNAME.csr
			
 
				 #+END_SRC
			
 
				 
			
 
				 For the email address it's a good idea to use postmaster@mydomainname.