etc/ca-ssl.conf: sha1 -> sha256v0.4

1 files changed, 3 insertions, 3 deletions

diff --git a/etc/ca-ssl.conf.in b/etc/ca-ssl.conf.in
index 7f6a190..fa8054c 100644
--- a/etc/ca-ssl.conf.in
+++ b/etc/ca-ssl.conf.in
@@ -15,7 +15,7 @@ dir                     = #ETCDIR#/simple-pki   # Top dir
 [ req ]
 default_bits            = 4096                  # RSA key size
 encrypt_key             = no                    # Protect private key
-default_md              = sha1                  # MD to use
+default_md              = sha256                # MD to use
 utf8                    = yes                   # Input is UTF-8
 string_mask             = utf8only              # Emit UTF-8 strings
 prompt                  = no                    # Don't prompt for DN
@@ -47,7 +47,7 @@ crlnumber               = $dir/ca/$ca/db/$ca.crl.srl # CRL number file
 database                = $dir/ca/$ca/db/$ca.db # Index file
 unique_subject          = no                    # Require unique subject
 default_days            = 365                   # How long to certify for
-default_md              = sha1                  # MD to use
+default_md              = sha256                # MD to use
 policy                  = match_pol             # Default naming policy
 email_in_dn             = no                    # Add email to cert DN
 preserve                = no                    # Keep passed DN ordering
@@ -67,7 +67,7 @@ crlnumber               = $dir/ca/$ca/db/$ca.crl.srl # CRL number file
 database                = $dir/ca/$ca/db/$ca.db # Index file
 unique_subject          = no                    # Require unique subject
 default_days            = 60                    # How long to certify for
-default_md              = sha1                  # MD to use
+default_md              = sha256                # MD to use
 policy                  = match_pol             # Default naming policy
 email_in_dn             = no                    # Add email to cert DN
 preserve                = no                    # Keep passed DN ordering