rosslh/coolify
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(ssl): migrate to ECCcertificates using secp521r1

Browse source 
- Replace RSA 4096 with ECDSA secp521r1 for stronger security (256-bit vs 112-bit)
- Faster certificate generation (3-4x speed improvement)
- 75% smaller key sizes (0.8KB vs 3.2KB) improves storage and transmission
This commit is contained in:
peaklabs-dev 2025-01-30 19:21:18 +01:00
parent b53d3d07d9
commit d280f11b6b
No known key found for this signature in database
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
app/Helpers/SslHelper.php
View file

@ -23,9 +23,8 @@ public static function generateSslCertificate(
try {
$privateKey = openssl_pkey_new([
'private_key_type' => OPENSSL_KEYTYPE_RSA,
'private_key_bits' => 4096,
'encrypt_key' => false,
'private_key_type' => OPENSSL_KEYTYPE_EC,
'curve_name' => 'secp521r1',
]);
if ($privateKey === false) {