dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

feat(ssl): migrate to ECCcertificates using secp521r1

Browse Source 
- Replace RSA 4096 with ECDSA secp521r1 for stronger security (256-bit vs 112-bit)
- Faster certificate generation (3-4x speed improvement)
- 75% smaller key sizes (0.8KB vs 3.2KB) improves storage and transmission
This commit is contained in:
peaklabs-dev
2025-01-30 19:21:18 +01:00
parent b53d3d07d9
commit d280f11b6b
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Helpers/SslHelper.php
View File

@@ -23,9 +23,8 @@ class SslHelper
try { try {
$privateKey = openssl_pkey_new([ $privateKey = openssl_pkey_new([
'private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_type' => OPENSSL_KEYTYPE_EC,
'private_key_bits' => 4096, 'curve_name' => 'secp521r1',
'encrypt_key' => false,
]); ]);
if ($privateKey === false) { if ($privateKey === false) {