Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[7322] branches/1.0
|
From: <abe...@us...> - 2015-11-07 22:29:23
|
Revision: 7322
http://sourceforge.net/p/astlinux/code/7322
Author: abelbeck
Date: 2015-11-07 22:29:20 +0000 (Sat, 07 Nov 2015)
Log Message:
-----------
New SSL certificate creation, deprecate SHA-1 and migrate to SHA-256. Applies only to new certificates
Modified Paths:
--------------
branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php
branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php
branches/1.0/package/webinterface/altweb/common/openssl-sip-tls.php
branches/1.0/package/webinterface/altweb/common/openssl.php
branches/1.0/project/astlinux/target_skeleton/etc/init.d/misc
Modified: branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2015-11-07 15:04:04 UTC (rev 7321)
+++ branches/1.0/package/webinterface/altweb/common/openssl-ipsecmobile.php 2015-11-07 22:29:20 UTC (rev 7322)
@@ -40,27 +40,27 @@
);
$ssl['configArgs'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'encrypt_key' => FALSE
);
$ssl['sign_ca'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
);
$ssl['sign_server'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'ipsecmobile_server',
'encrypt_key' => FALSE
);
$ssl['sign_client'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'usr_cert',
'encrypt_key' => FALSE
Modified: branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php 2015-11-07 15:04:04 UTC (rev 7321)
+++ branches/1.0/package/webinterface/altweb/common/openssl-openvpn.php 2015-11-07 22:29:20 UTC (rev 7322)
@@ -42,27 +42,27 @@
);
$ssl['configArgs'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'encrypt_key' => FALSE
);
$ssl['sign_ca'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
);
$ssl['sign_server'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'openvpn_server',
'encrypt_key' => FALSE
);
$ssl['sign_client'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'usr_cert',
'encrypt_key' => FALSE
Modified: branches/1.0/package/webinterface/altweb/common/openssl-sip-tls.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl-sip-tls.php 2015-11-07 15:04:04 UTC (rev 7321)
+++ branches/1.0/package/webinterface/altweb/common/openssl-sip-tls.php 2015-11-07 22:29:20 UTC (rev 7322)
@@ -40,27 +40,27 @@
);
$ssl['configArgs'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'encrypt_key' => FALSE
);
$ssl['sign_ca'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
);
$ssl['sign_server'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'sip_tls_server',
'encrypt_key' => FALSE
);
$ssl['sign_client'] = array(
'config' => $ssl['config'],
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => $opts['keysize'],
'x509_extensions' => 'usr_cert',
'encrypt_key' => FALSE
Modified: branches/1.0/package/webinterface/altweb/common/openssl.php
===================================================================
--- branches/1.0/package/webinterface/altweb/common/openssl.php 2015-11-07 15:04:04 UTC (rev 7321)
+++ branches/1.0/package/webinterface/altweb/common/openssl.php 2015-11-07 22:29:20 UTC (rev 7322)
@@ -157,12 +157,12 @@
'emailAddress' => $email
);
$configArgs = array(
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => 1024,
'encrypt_key' => FALSE
);
$sign_ca = array(
- 'digest_alg' => 'sha1',
+ 'digest_alg' => 'sha256',
'private_key_bits' => 1024,
'x509_extensions' => 'v3_ca',
'encrypt_key' => FALSE
Modified: branches/1.0/project/astlinux/target_skeleton/etc/init.d/misc
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/etc/init.d/misc 2015-11-07 15:04:04 UTC (rev 7321)
+++ branches/1.0/project/astlinux/target_skeleton/etc/init.d/misc 2015-11-07 22:29:20 UTC (rev 7322)
@@ -11,6 +11,7 @@
openssl req \
-new -batch \
+ -sha256 \
-newkey rsa:1024 \
-days 36500 \
-nodes \
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
