Use better defaults for TSA.

Use SHA256 for TSA and setted permitted digests to a sensible value. Based on PR#4141 Reviewed-by: Matt Caswell <matt@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-11-19 15:50:15 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2015-11-20 13:40:53 +0000
commit: 2cc7acd273bc39f1360aed52400d18bb65b88a95 (patch)
tree: 1b18d8ea7223e4d5919d8927cca4978755070636 /apps/openssl-vms.cnf
parent: e20b47275109aafc559446d731e6baad4a1f55d1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index ba6977c01c..51a296b2d8 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -340,7 +340,7 @@ signer_digest  = sha1			# Signing digest to use. (Optional)
 default_policy	= tsa_policy1		# Policy if request did not specify it
 					# (optional)
 other_policies	= tsa_policy2, tsa_policy3	# acceptable policies (optional)
-digests		= md5, sha1		# Acceptable message digests (mandatory)
+digests     = sha1, sha256, sha384, sha512  # Acceptable message digests (mandatory)
 accuracy	= secs:1, millisecs:500, microsecs:100	# (optional)
 clock_precision_digits  = 0	# number of digits after dot. (optional)
 ordering		= yes	# Is ordering defined for timestamps?
author	Dr. Stephen Henson <steve@openssl.org>	2015-11-19 15:50:15 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2015-11-20 13:40:53 +0000
commit	2cc7acd273bc39f1360aed52400d18bb65b88a95 (patch)
tree	1b18d8ea7223e4d5919d8927cca4978755070636 /apps/openssl-vms.cnf
parent	e20b47275109aafc559446d731e6baad4a1f55d1 (diff)