Bug
Resolution: Done-Errata
rhel-9.5
tog-pegasus-2.14.1-65.el9
Moderate
rhel-base-utils-core
ssg_core_services
What were you trying to do that didn't work?
When setting the Crypto Policy to FUTURE, the service cannot start because the generated self-signed certificate contains a 2048-bit RSA key, which is too weak (FUTURE requires at least 3072 bits).
The reason for this is that the key size is hardcoded in /usr/share/Pegasus/scripts/genOpenPegasusSSLCerts:
  92  /usr/bin/openssl genrsa -out $TMPKEY 2048
 104  /usr/bin/openssl genrsa -out $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 2048
What is the impact of this issue to you?
None, testing.
Please provide the package NVR for which the bug is seen:
tog-pegasus-2.14.1-64.el9.x86_64
How reproducible is this bug?:
Always
Steps to reproduce
- Set Crypto Policy to FUTURE
# update-crypto-policies --set FUTURE
- Delete certificates if present
# rm /etc/pki/Pegasus/ca.* /etc/pki/Pegasus/file.pem /etc/pki/Pegasus/client.pem /etc/pki/Pegasus/server.pem
- Restart the service
# systemctl restart tog-pegasus
Expected results
Service starts
Actual results
Failure to read the certificate:
Feb 28 10:59:24 vm-rhel9 generate-certs[3408]: Certificate request self-signature ok
Feb 28 10:59:24 vm-rhel9 generate-certs[3408]: subject=C=UK, ST=Berkshire, L=Reading, O=The Open Group, OU=The OpenPegasus Project, CN=vm-rhel9.libvirt
Feb 28 10:59:25 vm-rhel9 cimserver[3427]: cimserver not started: SSL Exception: Could not access server certificate in /etc/pki/Pegasus/server.pem.
Feb 28 10:59:25 vm-rhel9 cimserver[3427]: cimserver not started: SSL Exception: Could not access server certificate in /etc/pki/Pegasus/server.pem.
Feb 28 10:59:25 vm-rhel9 systemd[1]: tog-pegasus.service: Control process exited, code=exited, status=1/FAILURE
Links to: RHBA-2025:148415 (tog-pegasus update)
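
The shell functions below are an added example, not code from this report or from the tog-pegasus package: one flags `openssl genrsa` calls in a script whose hardcoded size is below a minimum, the other checks the public key size of a generated certificate. The function names and the `MIN_BITS` variable are assumptions; 3072 is the FUTURE minimum cited in the report, and the size comparison assumes RSA keys.

```shell
# Added example: constructed checks, not part of the tog-pegasus package.
# MIN_BITS defaults to 3072, the FUTURE minimum stated in the report.
MIN_BITS="${MIN_BITS:-3072}"

# Read a shell script on stdin; print "LINE:BITS" for every openssl
# genrsa call whose trailing numeric argument is below MIN_BITS.
weak_genrsa_lines() {
    awk -v min="$MIN_BITS" '
        /^[ \t]*#/ { next }                        # skip comment lines
        /openssl[ \t]+genrsa/ {
            bits = ""
            for (i = 1; i <= NF; i++)
                if ($i ~ /^[0-9]+$/) bits = $i     # last bare number is numbits
            if (bits != "" && bits + 0 < min + 0) print NR ":" bits
        }'
}

# Read `openssl x509 -noout -text` output on stdin; print the key size.
# Assumption: RSA keys only (EC key sizes are not comparable to MIN_BITS).
pubkey_bits() {
    sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# Check one PEM certificate file against MIN_BITS (needs the openssl CLI).
check_cert() {
    bits=$(openssl x509 -in "$1" -noout -text 2>/dev/null | pubkey_bits)
    [ -n "$bits" ] || { echo "$1: unreadable"; return 2; }
    if [ "$bits" -lt "$MIN_BITS" ]; then
        echo "$1: $bits-bit key below $MIN_BITS"; return 1
    fi
    echo "$1: $bits-bit key ok"
}

# Constructed sample mirroring the two calls quoted in the report.
sample_script() {
    cat <<'EOF'
# generate keys
/usr/bin/openssl genrsa -out $TMPKEY 2048
/usr/bin/openssl genrsa -out $PEGASUS_PEM_DIR/$PEGASUS_SSL_KEY_FILE 2048
EOF
}
sample_script | weak_genrsa_lines   # prints 2:2048 and 3:2048
```

On a host, `weak_genrsa_lines < /usr/share/Pegasus/scripts/genOpenPegasusSSLCerts` and `check_cert /etc/pki/Pegasus/server.pem` apply the same checks to the files named in the report.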