From e563c9b20616c40b7cd57165eb91171b6619346b Mon Sep 17 00:00:00 2001 From: Peter Edwards Date: Mon, 27 Jun 2022 22:00:05 +0100 Subject: [PATCH] OpenSSL 3 fixes: use SHA256 instead of SHA1 OpenSSL 3.x does not support signing certificates with SHA1 by default. Use SHA256 instead. --- test/regress_openssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/regress_openssl.c b/test/regress_openssl.c index 1bf0b50d..f74cae1c 100644 --- a/test/regress_openssl.c +++ b/test/regress_openssl.c @@ -103,7 +103,7 @@ ssl_getcert(EVP_PKEY *key) now += 3600; X509_time_adj(X509_getm_notAfter(x509), 0, &now); X509_set_pubkey(x509, key); - tt_assert(0 != X509_sign(x509, key, EVP_sha1())); + tt_assert(0 != X509_sign(x509, key, EVP_sha256())); return x509; end: -- 2.40.0