From 544c86b8e41746ee793fdf0c4f401a572131dd82 Mon Sep 17 00:00:00 2001
From: Chris Conlon <chris@wolfssl.com>
Date: Fri, 20 Jun 2014 10:16:07 -0600
Subject: [PATCH] update taoCerts.txt to use 1024 RSA by default, SHA1 instead
 of MD5

---
 certs/taoCert.txt | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/certs/taoCert.txt b/certs/taoCert.txt
index 15a12c059..798660767 100644
--- a/certs/taoCert.txt
+++ b/certs/taoCert.txt
@@ -1,11 +1,11 @@
 
 ***** Create a self signed cert ************
 
-1) openssl genrsa 512 > client-key.pem
+1) openssl genrsa 1024 > client-key.pem
 
-2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem
+2) openssl req -new -x509 -nodes -sha1 -days 1000 -key client-key.pem > client-cert.pem
 
-3) note sha1 would be -sha1
+3) note md5 would be -md5
 
 -- adding metadata to beginning
 
@@ -21,13 +21,13 @@ same as self signed, use ca prefix instead of client
 
 ***** Create a cert signed by CA **************
 
-1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem
+1) openssl req -newkey rsa:1024 -sha1 -days 1000 -nodes -keyout server-key.pem > server-req.pem
 
 * note if using exisitng key do: -new -key keyName
 
 2) copy ca-key.pem ca-cert.srl   (why ????)
 
-3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
+3) openssl x509 -req -in server-req.pem -days 1000 -sha1 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem
 
 
 ***** Adding Subject Key ID and Authentication Key ID extensions to a cert *****