new UML scenario certs have SHA256 digest
authorAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 30 Aug 2009 15:58:34 +0000 (17:58 +0200)
committerAndreas Steffen <andreas.steffen@strongswan.org>
Sun, 30 Aug 2009 15:58:34 +0000 (17:58 +0200)
testing/hosts/winnetou/etc/openssl/openssl.cnf

index 4a40270..9f5935f 100644 (file)
@@ -42,7 +42,7 @@ crl_extensions        = crl_ext                 # The extentions to add to the CRL
 
 default_days    = 1825                    # how long to certify for
 default_crl_days= 30                     # how long before next CRL
-default_md      = sha1                    # which md to use.
+default_md      = sha256                  # which md to use.
 preserve        = no                      # keep passed DN ordering
 email_in_dn    = no                      # allow/forbid EMail in DN
 
@@ -146,6 +146,7 @@ subjectKeyIdentifier            = hash
 authorityKeyIdentifier          = keyid, issuer:always
 subjectAltName                 = DNS:$ENV::COMMON_NAME
 #extendedKeyUsage              = OCSPSigning
+#extendedKeyUsage              = serverAuth
 crlDistributionPoints                  = URI:http://crl.strongswan.org/strongswan.crl
 
 ####################################################################