Use a stronger self-signed certificate (4096 bit).

README.md

@@ -10,7 +10,7 @@ This Dockerfile installs Tiny Tiny RSS (TT-RSS) with the following features:
 - Integrated [Feedly theme](https://github.com/levito/tt-rss-feedly-theme)
 - Integrated [FeedIron plugin](https://github.com/m42e/ttrss_plugin-feediron) to get modify feeds
 - Integrated [Mobilize plugin](https://github.com/sepich/tt-rss-mobilize) for using Readability, Instapaper + Google Mobilizer
-- Optional: Self-signed 2048-bit RSA TLS certificate for accessing TT-RSS via https
+- Optional: Self-signed 4096-bit RSA TLS certificate for accessing TT-RSS via https
 - Originally was based on [clue/docker-ttrss](https://github.com/clue/docker-ttrss)
 
 A ready-to-use Docker image is available at [Docker Hub](https://hub.docker.com/r/x86dev/docker-ttrss/)

root/srv/setup-ttrss.sh

@@ -15,7 +15,7 @@ setup_nginx()
         if [ ! -f "/etc/ssl/private/ttrss.key" ]; then
             echo "Setup: Generating self-signed certificate ..."
             # Generate the TLS certificate for our Tiny Tiny RSS server instance.
-            openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \
+            openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 \
                 -subj "/C=US/ST=World/L=World/O=$TTRSS_HOST/CN=$TTRSS_HOST" \
                 -keyout "/etc/ssl/private/ttrss.key" \
                 -out "/etc/ssl/certs/ttrss.crt"