From 75bbeb4f9b29a073ef420b3fe592c8cf30703493 Mon Sep 17 00:00:00 2001 From: Erich Eckner Date: Mon, 30 Nov 2020 22:33:52 +0100 Subject: etc/ca-ssl.conf: sha1 -> sha256 --- etc/ca-ssl.conf.in | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/etc/ca-ssl.conf.in b/etc/ca-ssl.conf.in index 7f6a190..fa8054c 100644 --- a/etc/ca-ssl.conf.in +++ b/etc/ca-ssl.conf.in @@ -15,7 +15,7 @@ dir = #ETCDIR#/simple-pki # Top dir [ req ] default_bits = 4096 # RSA key size encrypt_key = no # Protect private key -default_md = sha1 # MD to use +default_md = sha256 # MD to use utf8 = yes # Input is UTF-8 string_mask = utf8only # Emit UTF-8 strings prompt = no # Don't prompt for DN @@ -47,7 +47,7 @@ crlnumber = $dir/ca/$ca/db/$ca.crl.srl # CRL number file database = $dir/ca/$ca/db/$ca.db # Index file unique_subject = no # Require unique subject default_days = 365 # How long to certify for -default_md = sha1 # MD to use +default_md = sha256 # MD to use policy = match_pol # Default naming policy email_in_dn = no # Add email to cert DN preserve = no # Keep passed DN ordering @@ -67,7 +67,7 @@ crlnumber = $dir/ca/$ca/db/$ca.crl.srl # CRL number file database = $dir/ca/$ca/db/$ca.db # Index file unique_subject = no # Require unique subject default_days = 60 # How long to certify for -default_md = sha1 # MD to use +default_md = sha256 # MD to use policy = match_pol # Default naming policy email_in_dn = no # Add email to cert DN preserve = no # Keep passed DN ordering -- cgit v1.2.3-54-g00ecf