Browse code
Use string cert CA defaults
Switch from sha1 to sha256 and from 1024 bits to 2048 bits. Do this
because things don't like the old inseucre sha1+1024bits combo.
Change-Id: Iae2958969aed0cd880844e19e8055c8bdc7d064d
Clark Boylan authored on 2017/04/28 01:54:27Showing 1 changed files
| ... | ... |
@@ -113,11 +113,11 @@ new_certs_dir = \$dir/newcerts |
| 113 | 113 |
certificate = \$dir/cacert.pem |
| 114 | 114 |
private_key = \$dir/private/cacert.key |
| 115 | 115 |
RANDFILE = \$dir/private/.rand |
| 116 |
-default_md = default |
|
| 116 |
+default_md = sha256 |
|
| 117 | 117 |
|
| 118 | 118 |
[ req ] |
| 119 |
-default_bits = 1024 |
|
| 120 |
-default_md = sha1 |
|
| 119 |
+default_bits = 2048 |
|
| 120 |
+default_md = sha256 |
|
| 121 | 121 |
|
| 122 | 122 |
prompt = no |
| 123 | 123 |
distinguished_name = ca_distinguished_name |