tests: avoid use of sha1 in certificates The SHA-1 algorithm is deprecated (particularly for security-sensitive applications) in a variety of OS environments. This already affects RH
tests: avoid use of sha1 in certificates The SHA-1 algorithm is deprecated (particularly for security-sensitive applications) in a variety of OS environments. This already affects RHEL-9 and derivatives, which are not willing to use certificates using that algorithm. The fix is to use sha256 instead, which is already used for most of the other certificates in the test suite. Fixes #10135 This gets rid of issues related to sha1 signatures. Manual steps after "make clean-certs" and "make build-certs": - Copy tests/certs/stunnel-sv.pem to tests/stunnel.pem (make clean-certs does not remove the original tests/stunnel.pem) - Copy tests/certs/Server-localhost-sv.pubkey-pinned into --pinnedpubkey options of tests/data/test2041 and tests/data/test2087 Closes #10153
show more ...
|