testsuit/manage-ca.sh: specify key size in CSRs

specifying the key size is required by some openssl versions

Signed-off-by: Bjoern Jacke <bj@sernet.de>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/selftest/manage-ca/manage-ca.sh b/selftest/manage-ca/manage-ca.sh
index ab796b718afd1d971235473d576058785c542414..8e09a93fbd8f013a717fc29ec4f9c42bbe64239b 100755 (executable)
--- a/selftest/manage-ca/manage-ca.sh
+++ b/selftest/manage-ca/manage-ca.sh
@@ -234,7 +234,7 @@ create_dc)
                "${OPENSSLCNF}" \
                ${DEFAULT_VARS} DC_DNS_NAME DC_OBJECTGUID_HEX
 
-       openssl req -new -newkey rsa -keyout "${DCKEY_PEM}" -out "${DCREQ_PEM}" -config "${OPENSSLCNF}"
+       openssl req -new -newkey rsa:${DC_BITS} -keyout "${DCKEY_PEM}" -out "${DCREQ_PEM}" -config "${OPENSSLCNF}"
        openssl rsa -in "${DCKEY_PEM}" -inform PEM -out "${DCKEY_PRIVATE_PEM}" -outform PEM
        openssl ca -config "${OPENSSLCNF}" -in "${DCREQ_PEM}" -out "${DCCERT_PEM}"
        ln -s "${DCKEY_PRIVATE_PEM_BASE}" "${DCKEY_PRIVATE_PEM_LINK}"
@@ -326,7 +326,7 @@ create_user)
                "${OPENSSLCNF}" \
                ${DEFAULT_VARS} USER_PRINCIPAL_NAME
 
-       openssl req -new -newkey rsa -keyout "${USERKEY_PEM}" -out "${USERREQ_PEM}" -config "${OPENSSLCNF}"
+       openssl req -new -newkey rsa:${USER_BITS} -keyout "${USERKEY_PEM}" -out "${USERREQ_PEM}" -config "${OPENSSLCNF}"
        openssl rsa -in "${USERKEY_PEM}" -inform PEM -out "${USERKEY_PRIVATE_PEM}" -outform PEM
        openssl ca -config "${OPENSSLCNF}" -in "${USERREQ_PEM}" -out "${USERCERT_PEM}"
        ln -s "${USERKEY_PRIVATE_PEM_BASE}" "${USERKEY_PRIVATE_PEM_LINK}"