Hacker News new | past | comments | ask | show | jobs | submit login

So what's the actual limit it is set to by default? If I get a certificate, I'm not exactly going to tell everyone to run a sudo command before opening the site :)

4096 according to the code linked to in the article - http://opensource.apple.com/source/Security/Security-55471/l...

I noticed the Certificate Assistant UI in Keychain Access only lets you choose as high as 2048 bits if you're generating certs that way.

Just looked, couldn't even find the file.


OSX 10.9

com.apple.security isn't a file, it's a preferences domain. Preference domains are stored in ~/Library/Preferences/<domain>.plist for per-user domains, and /Library/Preferences/<domain>.plist for system domains. In this case, it's stored in /Library/Preferences/com.apple.security.plist.

If a preferences domain doesn't exist (or if the key doesn't exist within the domain), the app or system default is used.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact