summaryrefslogtreecommitdiffstats
path: root/apps/openssl-vms.cnf
diff options
context:
space:
mode:
authorDr. Stephen Henson <steve@openssl.org>2015-11-19 15:50:15 +0000
committerDr. Stephen Henson <steve@openssl.org>2015-11-20 13:40:53 +0000
commit2cc7acd273bc39f1360aed52400d18bb65b88a95 (patch)
tree1b18d8ea7223e4d5919d8927cca4978755070636 /apps/openssl-vms.cnf
parente20b47275109aafc559446d731e6baad4a1f55d1 (diff)
Use better defaults for TSA.
Use SHA256 for TSA and setted permitted digests to a sensible value. Based on PR#4141 Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'apps/openssl-vms.cnf')
-rw-r--r--apps/openssl-vms.cnf2
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf
index ba6977c01c..51a296b2d8 100644
--- a/apps/openssl-vms.cnf
+++ b/apps/openssl-vms.cnf
@@ -340,7 +340,7 @@ signer_digest = sha1 # Signing digest to use. (Optional)
default_policy = tsa_policy1 # Policy if request did not specify it
# (optional)
other_policies = tsa_policy2, tsa_policy3 # acceptable policies (optional)
-digests = md5, sha1 # Acceptable message digests (mandatory)
+digests = sha1, sha256, sha384, sha512 # Acceptable message digests (mandatory)
accuracy = secs:1, millisecs:500, microsecs:100 # (optional)
clock_precision_digits = 0 # number of digits after dot. (optional)
ordering = yes # Is ordering defined for timestamps?