From 332f7bb2ae1bc73aa099aab4a3e3cefaeff75b30 Mon Sep 17 00:00:00 2001
From: MiWCryptAnalytics <MiWCryptAnalytics@gmail.com>
Date: Sat, 15 Apr 2017 16:23:15 -0400
Subject: [PATCH] Increase CA key entropy to 128bit (#415)

Changes the default CA key size from 48 bit to 128bit with OpenSSL usermode CSPRNG with hex encoding
---
 roles/vpn/tasks/main.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/roles/vpn/tasks/main.yml b/roles/vpn/tasks/main.yml
index 5ec7f3db..006479d7 100644
--- a/roles/vpn/tasks/main.yml
+++ b/roles/vpn/tasks/main.yml
@@ -8,7 +8,7 @@
 
 - name: Generate password for the CA key
   shell: >
-    openssl rand -hex 6
+    openssl rand -hex 16
   register: CA_password
 
 - set_fact: