X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=conf%2FCA%2Fmanual.sh;fp=conf%2FCA%2Fmanual.sh;h=eb391591c356dc4c96a72adb922f2f9315fe52f8;hb=924b18d7469204ceaae60d7345712ea09f75a674;hp=bb891759a2599811677d367655ecf3d6558af7a7;hpb=33e7b1a9fa15b0b699d16e359b406195b7fe87be;p=aaf%2Fauthz.git

diff --git a/conf/CA/manual.sh b/conf/CA/manual.sh
index bb891759..eb391591 100644
--- a/conf/CA/manual.sh
+++ b/conf/CA/manual.sh
@@ -35,7 +35,7 @@ EOF
 	chmod 400 private/$FQI.key 
 	SIGN_IT=true
   else 
-	echo openssl req -newkey rsa:4096 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
+	echo openssl req -newkey rsa:2048 -sha256 -keyout $FQI.key -out $FQI.csr -outform PEM -subj '"'$SUBJECT'"'
 	echo chmod 400 $FQI.key
 	echo "# All done, print result"
 	echo openssl req -verify -text -noout -in $FQI.csr
@@ -46,7 +46,8 @@ if [ "$SIGN_IT" = "true" ]; then
   # Sign it
   openssl ca -config ../openssl.conf -extensions server_cert -out $FQI.crt \
 	-cert certs/ca.crt -keyfile private/ca.key \
-	 -policy policy_loose \
+	-policy policy_loose \
+	-days 360 \
 	-infiles $FQI.csr
 fi