1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

ConfigureRemotingForAnsible: RSA 1024 to RSA 4096 (#23684)

This commit is contained in:
Nicolas Simond 2017-04-19 13:21:25 +02:00 committed by René Moser
parent 33d7c12a97
commit a40450d40a

View file

@ -31,6 +31,7 @@
# Updated by Chris Church <cchurch@ansible.com> # Updated by Chris Church <cchurch@ansible.com>
# Updated by Michael Crilly <mike@autologic.cm> # Updated by Michael Crilly <mike@autologic.cm>
# Updated by Anton Ouzounov <Anton.Ouzounov@careerbuilder.com> # Updated by Anton Ouzounov <Anton.Ouzounov@careerbuilder.com>
# Updated by Nicolas Simond <contact@nicolas-simond.com>
# Updated by Dag Wieërs <dag@wieers.com> # Updated by Dag Wieërs <dag@wieers.com>
# Updated by Jordan Borean <jborean93@gmail.com> # Updated by Jordan Borean <jborean93@gmail.com>
# #
@ -40,13 +41,14 @@
# Version 1.3 - 2016-04-04 # Version 1.3 - 2016-04-04
# Version 1.4 - 2017-01-05 # Version 1.4 - 2017-01-05
# Version 1.5 - 2017-02-09 # Version 1.5 - 2017-02-09
# Version 1.6 - 2017-04-18
# Support -Verbose option # Support -Verbose option
[CmdletBinding()] [CmdletBinding()]
Param ( Param (
[string]$SubjectName = $env:COMPUTERNAME, [string]$SubjectName = $env:COMPUTERNAME,
[int]$CertValidityDays = 365, [int]$CertValidityDays = 1095,
[switch]$SkipNetworkProfileCheck, [switch]$SkipNetworkProfileCheck,
$CreateSelfSignedCert = $true, $CreateSelfSignedCert = $true,
[switch]$ForceNewSSLCert, [switch]$ForceNewSSLCert,
@ -77,7 +79,7 @@ Function New-LegacySelfSignedCert
{ {
Param ( Param (
[string]$SubjectName, [string]$SubjectName,
[int]$ValidDays = 365 [int]$ValidDays = 1095
) )
$name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1" $name = New-Object -COM "X509Enrollment.CX500DistinguishedName.1"
@ -86,7 +88,7 @@ Function New-LegacySelfSignedCert
$key = New-Object -COM "X509Enrollment.CX509PrivateKey.1" $key = New-Object -COM "X509Enrollment.CX509PrivateKey.1"
$key.ProviderName = "Microsoft RSA SChannel Cryptographic Provider" $key.ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
$key.KeySpec = 1 $key.KeySpec = 1
$key.Length = 1024 $key.Length = 4096
$key.SecurityDescriptor = "D:PAI(A;;0xd01f01ff;;;SY)(A;;0xd01f01ff;;;BA)(A;;0x80120089;;;NS)" $key.SecurityDescriptor = "D:PAI(A;;0xd01f01ff;;;SY)(A;;0xd01f01ff;;;BA)(A;;0x80120089;;;NS)"
$key.MachineContext = 1 $key.MachineContext = 1
$key.Create() $key.Create()