doc: update openssl commands to use best practices

This updates key size to 2048 and default hash function to sha256. Reviewed-By: Fedor Indutny <fedor@indutny.com> PR-URL: https://github.com/joyent/node/pull/8690
author: Eric Mill <eric@konklone.com> 2014-11-07 10:05:00 -0500
committer: Fedor Indutny <fedor@indutny.com> 2014-11-11 20:39:57 +0300
commit: 88bd95cfef5973de0027b8eb5210e5e97252c7e2 (patch)
tree: c9bf49b4a4b025037db6f359d32f8f771fc84457
parent: d435f4b3eb53011f3dd00230e1818fa2720d6beb (diff)
download: node-88bd95cfef5973de0027b8eb5210e5e97252c7e2.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown
index 805f9e75b..ae75e0fe1 100644
--- a/doc/api/tls.markdown
+++ b/doc/api/tls.markdown
@@ -10,14 +10,14 @@ Secure Socket Layer: encrypted stream communication.
 TLS/SSL is a public/private key infrastructure. Each client and each
 server must have a private key. A private key is created like this:
 
-    openssl genrsa -out ryans-key.pem 1024
+    openssl genrsa -out ryans-key.pem 2048
 
 All servers and some clients need to have a certificate. Certificates are public
 keys signed by a Certificate Authority or self-signed. The first step to
 getting a certificate is to create a "Certificate Signing Request" (CSR)
 file. This is done with:
 
-    openssl req -new -key ryans-key.pem -out ryans-csr.pem
+    openssl req -new -sha256 -key ryans-key.pem -out ryans-csr.pem
 
 To create a self-signed certificate with the CSR, do this:
author	Eric Mill <eric@konklone.com>	2014-11-07 10:05:00 -0500
committer	Fedor Indutny <fedor@indutny.com>	2014-11-11 20:39:57 +0300
commit	88bd95cfef5973de0027b8eb5210e5e97252c7e2 (patch)
tree	c9bf49b4a4b025037db6f359d32f8f771fc84457
parent	d435f4b3eb53011f3dd00230e1818fa2720d6beb (diff)
download	node-88bd95cfef5973de0027b8eb5210e5e97252c7e2.tar.gz