Switch from sha1 to sha256 and from 1024 bits to 2048 bits. Do this
because things don't like the old inseucre sha1+1024bits combo.
Change-Id: Iae2958969aed0cd880844e19e8055c8bdc7d064d
... | ... |
@@ -113,11 +113,11 @@ new_certs_dir = \$dir/newcerts |
113 | 113 |
certificate = \$dir/cacert.pem |
114 | 114 |
private_key = \$dir/private/cacert.key |
115 | 115 |
RANDFILE = \$dir/private/.rand |
116 |
-default_md = default |
|
116 |
+default_md = sha256 |
|
117 | 117 |
|
118 | 118 |
[ req ] |
119 |
-default_bits = 1024 |
|
120 |
-default_md = sha1 |
|
119 |
+default_bits = 2048 |
|
120 |
+default_md = sha256 |
|
121 | 121 |
|
122 | 122 |
prompt = no |
123 | 123 |
distinguished_name = ca_distinguished_name |