diff options
author | olszomal <Malgorzata.Olszowka@stunnel.org> | 2023-08-21 09:29:28 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-08-25 15:05:51 +0200 |
commit | 10536b7f5b07aab3dc9631e94a56258155a1d942 (patch) | |
tree | d0ca8d3c14e86775c69f3d15af5d4c10a590156c /apps | |
parent | 975f372a6f7ae20e0c4c55a930a6844f2585ee6d (diff) |
Changed the default value of the "ess_cert_id_alg" option
This is used to calculate the TSA's public key certificate identifier.
The default algorithm is changed from sha1 to sha256.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21794)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/openssl-vms.cnf | 4 | ||||
-rw-r--r-- | apps/openssl.cnf | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/apps/openssl-vms.cnf b/apps/openssl-vms.cnf index 393789b424..d6d5f58db6 100644 --- a/apps/openssl-vms.cnf +++ b/apps/openssl-vms.cnf @@ -330,8 +330,8 @@ tsa_name = yes # Must the TSA name be included in the reply? # (optional, default: no) ess_cert_id_chain = no # Must the ESS cert id chain be included? # (optional, default: no) -ess_cert_id_alg = sha1 # algorithm to compute certificate - # identifier (optional, default: sha1) +ess_cert_id_alg = sha256 # algorithm to compute certificate + # identifier (optional, default: sha256) [insta] # CMP using Insta Demo CA # Message transfer diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 5597d89a03..0d564d3ba5 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf @@ -330,8 +330,8 @@ tsa_name = yes # Must the TSA name be included in the reply? # (optional, default: no) ess_cert_id_chain = no # Must the ESS cert id chain be included? # (optional, default: no) -ess_cert_id_alg = sha1 # algorithm to compute certificate - # identifier (optional, default: sha1) +ess_cert_id_alg = sha256 # algorithm to compute certificate + # identifier (optional, default: sha256) [insta] # CMP using Insta Demo CA # Message transfer |