From 196bd89c7a2eecdad4ab2bd8ed2e87116e997e92 Mon Sep 17 00:00:00 2001 From: Gunnar Beutner Date: Mon, 27 Oct 2014 11:32:39 +0100 Subject: [PATCH] Use OpenSSL's default algorithms for certificate signatures fixes #7434 --- lib/base/tlsutility.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp index 56c75c53c..1a902df82 100644 --- a/lib/base/tlsutility.cpp +++ b/lib/base/tlsutility.cpp @@ -332,7 +332,7 @@ int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile, X509_NAME *name = X509_REQ_get_subject_name(req); X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char *)cn.CStr(), -1, -1, 0); - X509_REQ_sign(req, key, EVP_sha1()); + X509_REQ_sign(req, key, NULL); Log(LogInformation, "base") << "Writing certificate signing request to '" << csrfile << "'."; @@ -412,7 +412,7 @@ shared_ptr CreateCert(EVP_PKEY *pubkey, X509_NAME *subject, X509_NAME *iss X509_EXTENSION_free(ext); } - X509_sign(cert, cakey, EVP_sha1()); + X509_sign(cert, cakey, NULL); return shared_ptr(cert, X509_free); } -- 2.40.0