From 713ad1ddca06b2c8bc0d355fdef43b3d515cc1ed Mon Sep 17 00:00:00 2001 From: Cryptophobia Date: Fri, 16 Apr 2021 20:24:18 -0400 Subject: [PATCH] chore(charts): regenerate dhparams for router - regen dhparams on a machine with many CPUs and lots of memory :wink: - using good dev/random - protecting against a Logjam attack - openssl dhparam -out dhparams.pem 4096 489.47s user 2.57s system 99% cpu 8:14.24 total Signed-off-by: Cryptophobia --- charts/router/templates/router-dhparam-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/router/templates/router-dhparam-secret.yaml b/charts/router/templates/router-dhparam-secret.yaml index 4dd8bbb..703dae0 100644 --- a/charts/router/templates/router-dhparam-secret.yaml +++ b/charts/router/templates/router-dhparam-secret.yaml @@ -7,5 +7,5 @@ metadata: heritage: deis type: Opaque data: - dhparam: {{ if not (empty .Values.dhparam) }}{{ .Values.dhparam }}{{ else }}LS0tLS1CRUdJTiBESCBQQVJBTUVURVJTLS0tLS0KTUlJQ0NBS0NBZ0VBbFhvcCtSdDN5elJhQ0VCWVJXd2E0ak1vL3NRaGt6VHdGMkhKRUZ6N3d3dXVacURHanBMcAoyQkZzK3p2dEdaYzdvaWR4MGxaemQ1dFBndVppRmllSjRvV0F2ZmFrejRJZWZ6d2tBclRBcG54WUdTK0g5aEZXClZKM2t3TzhpOFRLVVB0UXpocGN1Qm1GT09DZ2t6ZDJETHhESkc5Mmd3UXpRVTBmTWpoMFNxbnNuSXdKYWdOYzIKZHN1QnRvay9pZC9xUDFnT09VOHR0aDlObzdIV0ZSSXVaVVc0VXYvbHlybnl5anJHS2R3Zk9nZzdGT0RWNzh4KwpHVE00R1RBRkd5R1drZ0pBQldjQ21Ld3pmakV4MFNaalQ1NkNJRHBIaGxMRDNWdXNUVHFRdGhWYTlCTi9HZzk3Cmd6WjkzdStpdlU3Wnl5TEJaTEFaSXprT2swUVgrOTU3SXcrK1hOLzA5SUd1aTdOWEtkOXZ6YjQ0Wk8xRVZaWVcKZm02eHhUdFNLQVVXNFJSZVVlWHBOUlNjT0VMT0ZJdFU3c1FKaDFYOXZIQjRubXdYNlVuZzRhVjMyV21wTXMrVwpVYmgzcTFIN3YxMFdyK1FXZXR3aGd6Mk9IQytMVDV4VHp1bWVITnRobzZIYklIdHRSb3ZsNEkxQjYvaVdpMFBnCkZ6TU5qNTZkQjFYYldMVjUrOVZBZ1VwNlUzZVFjVDFoMTRwVGtYdWl2S2tMcVhSUXJEZGFkTmNnS0RCMHkvaHYKOUtpWnEzVjNkbXFBSnVIMExpQmhQdU9BZk5ZUTZzQzlYSXJhclNEanoxdmNpeGkxR1RFNGZvckRpMnJMZXdhbApRMFpOVHdGREEwYmc2UTUxQU1PQ0hLb2JMMHhTZjRHTzhCMUt6ODk2d1JIQzNKb2tMeHJ6R01zQ0FRST0KLS0tLS1FTkQgREggUEFSQU1FVEVSUy0tLS0tCg=={{ end }} + dhparam: {{ if not (empty .Values.dhparam) }}{{ .Values.dhparam }}{{ else }}LS0tLS1CRUdJTiBESCBQQVJBTUVURVJTLS0tLS0KTUlJQ0NBS0NBZ0VBMTV6UHBQcElsaTYyUC9aTHFUcHhYdnNHMUtZU2hnbzJUOFpFZ1VzM0NxTjZiSU4xSHU1VwpXNnNVdDRYWXpJNExkSWxRanlFOHZjeWhxdEl6ajIyM1hLalhXQVE1WU5ud2NZU05jVUlyTjh1YThQN2ZmNlF2CnhiWlFMbjRUY1k3N2VWMm1Ecm9MSU5TUlFzZFZGVlpiRUpmK1lOZEFOa2w4dlg5UDlIelVrdm5SaGI5cDJJOXEKWGY5dll1cEVVbXd1K1I2d2pzNnFzUTJ4akVmTGxmcnczaEdrUi9jdjBtT2QvUmVrWWRjbVlISjlUelpkM3NSZgp6cTl3ckw0RWRDNzBUSmNQcERZZXRaWUdKV3Fxa3hpKzM4eGtuV2dtNkN0cE1TdEFHMk5UVWJ2ZmRoTGpid2tmCmU4a2o4M01HalZ5ajNlTktTd0VQYlo5bXJWTFR3VWh6WkQ2bFV3eG1rQ1ZBVXl2MEZmb3BhT29PSXJuNnRUaVIKRWhmdkxZVXQvWkVZK2hPOWpFalp6alAvbEcrOFFpZWpFaW16bjFIbkt4S041WE55bkRraUxwR3p4TjNBK2RreAo0NUpuUGZDODZVTS9ZRnpRVy9zdWszTUhLTk5MSVRtVXNHZzRiTTdSYWNCT29OTm94S0hYTTI5aUE4UU9YRytBCnF2eW4wQ2lNbWN4K0NvSTN2anN2NW83Yk5OU2xvWEtCUlExMFY4VVlXZDd4eENzeDc4cTFLMHRHQUhnZWE0eEoKTW1FRGpRN2I4UXEzZC94Y05EM05ja0JGbU1VbnRVSjlUTHJSYU9WM0V2bDVYcG1JMnl1ZENHVXRuUVhleVgyRApRSHFyOEtiQmJNMGZkUFg4dUJJWVNFL0U4NVYzT294eUJ2UFJLRzRtdUN5OVp1QWFjb0Z5aG1NQ0FRST0KLS0tLS1FTkQgREggUEFSQU1FVEVSUy0tLS0tCg=={{ end }} {{ end }}{{/* if not .Values.global.experimental_native_ingress */}}