From: Gunnar Beutner <gunnar.beutner@netways.de>
Date: Mon, 27 Oct 2014 10:32:39 +0000 (+0100)
Subject: Use OpenSSL's default algorithms for certificate signatures
X-Git-Tag: v2.2.0~249
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=196bd89c7a2eecdad4ab2bd8ed2e87116e997e92;p=icinga2

Use OpenSSL's default algorithms for certificate signatures

fixes #7434
---

diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 56c75c53c..1a902df82 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -332,7 +332,7 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile,
 		X509_NAME *name = X509_REQ_get_subject_name(req);
 		X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char *)cn.CStr(), -1, -1, 0);
 	
-		X509_REQ_sign(req, key, EVP_sha1());
+		X509_REQ_sign(req, key, NULL);
 	
 		Log(LogInformation, "base")
 		    << "Writing certificate signing request to '" << csrfile << "'.";
@@ -412,7 +412,7 @@ shared_ptr<X509> CreateCert(EVP_PKEY *pubkey, X509_NAME *subject, X509_NAME *iss
 		X509_EXTENSION_free(ext);
 	}
 
-	X509_sign(cert, cakey, EVP_sha1());
+	X509_sign(cert, cakey, NULL);
 
 	return shared_ptr<X509>(cert, X509_free);
 }