diff --git a/docs/ikev2-howto-zh.md b/docs/ikev2-howto-zh.md index 68c1d63..06732f7 100644 --- a/docs/ikev2-howto-zh.md +++ b/docs/ikev2-howto-zh.md @@ -493,7 +493,7 @@ To customize IKEv2 or client options, run this script without arguments. certutil -z <(head -c 1024 /dev/urandom) \ -S -x -n "IKEv2 VPN CA" \ -s "O=IKEv2 VPN,CN=IKEv2 VPN CA" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t "CT,," -2 ``` @@ -515,7 +515,7 @@ To customize IKEv2 or client options, run this script without arguments. certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \ -s "O=IKEv2 VPN,CN=$PUBLIC_IP" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t ",," \ --keyUsage digitalSignature,keyEncipherment \ --extKeyUsage serverAuth \ @@ -536,7 +536,7 @@ To customize IKEv2 or client options, run this script without arguments. certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "vpnclient" \ -s "O=IKEv2 VPN,CN=vpnclient" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t ",," \ --keyUsage digitalSignature,keyEncipherment \ --extKeyUsage serverAuth,clientAuth -8 "vpnclient" diff --git a/docs/ikev2-howto.md b/docs/ikev2-howto.md index 1594236..6fa936d 100644 --- a/docs/ikev2-howto.md +++ b/docs/ikev2-howto.md @@ -493,7 +493,7 @@ As an alternative to using the [helper script](#using-helper-scripts), advanced certutil -z <(head -c 1024 /dev/urandom) \ -S -x -n "IKEv2 VPN CA" \ -s "O=IKEv2 VPN,CN=IKEv2 VPN CA" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t "CT,," -2 ``` @@ -515,7 +515,7 @@ As an alternative to using the [helper script](#using-helper-scripts), advanced certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "$PUBLIC_IP" \ -s "O=IKEv2 VPN,CN=$PUBLIC_IP" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t ",," \ --keyUsage digitalSignature,keyEncipherment \ --extKeyUsage serverAuth \ @@ -536,7 +536,7 @@ As an alternative to using the [helper script](#using-helper-scripts), advanced certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "vpnclient" \ -s "O=IKEv2 VPN,CN=vpnclient" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t ",," \ --keyUsage digitalSignature,keyEncipherment \ --extKeyUsage serverAuth,clientAuth -8 "vpnclient" diff --git a/extras/ikev2setup.sh b/extras/ikev2setup.sh index 5e92899..bdb092c 100755 --- a/extras/ikev2setup.sh +++ b/extras/ikev2setup.sh @@ -653,7 +653,7 @@ create_client_cert() { certutil -z <(head -c 1024 /dev/urandom) \ -S -c "IKEv2 VPN CA" -n "$client_name" \ -s "O=IKEv2 VPN,CN=$client_name" \ - -k rsa -g 4096 -v "$client_validity" \ + -k rsa -v "$client_validity" \ -d sql:/etc/ipsec.d -t ",," \ --keyUsage digitalSignature,keyEncipherment \ --extKeyUsage serverAuth,clientAuth -8 "$client_name" >/dev/null 2>&1 || exiterr "Failed to create client certificate." @@ -931,7 +931,7 @@ create_ca_server_certs() { certutil -z <(head -c 1024 /dev/urandom) \ -S -x -n "IKEv2 VPN CA" \ -s "O=IKEv2 VPN,CN=IKEv2 VPN CA" \ - -k rsa -g 4096 -v 120 \ + -k rsa -v 120 \ -d sql:/etc/ipsec.d -t "CT,," -2 >/dev/null 2>&1 <