183130227/tn3399_openwrt
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

uhttpd: use P-256 for certs

Browse Source 
The uhttpd package takes care of creating self-signed certificates if
px5g is installed. This improves the security of router management as it
encrypts the LuCI connection.

The EC P-256 curve is faster than RSA which which improves the user
experience on embedded devices. EC P-256 is support for as old devices
as Android 4.4.

Signed-off-by: Paul Spooren <mail@aparcar.org>
This commit is contained in:
Paul Spooren 2020-08-31 11:39:39 -10:00 committed by Daniel Golle
parent fcd3e13779
commit 753309c7dd
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/network/services/uhttpd/files/uhttpd.config
View File

@ -119,13 +119,13 @@ config cert defaults
option days 730
# key type: rsa or ec
option key_type rsa
option key_type ec
# RSA key size
option bits 2048
# EC curve name
# Curve names vary between mbedtls/px5g and openssl
# Curve names vary between px5g-{wolfssl,mbedtls} and openssl
# P-256 or P-384 are guaranteed to work
option ec_curve P-256