diff options
| author | Bruno Thomsen <bth@kamstrup.dk> | 2014-10-15 12:48:27 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2014-10-15 13:23:22 +0200 |
| commit | 3621045631efc4c66673ece91785487a281180c8 (patch) | |
| tree | 56959e709d74f0686b815903ecd36b11c3fbdc63 | |
| parent | e64bc7cde6bf30b0bfa4e562b3d00a598771522f (diff) | |
mk-ca-bundle: added SHA-384 signature algorithm
Certificates based on SHA-1 are being phased out[1].
So we should expect a rise in certificates based on SHA-2.
Adding SHA-384 as a valid signature algorithm.
[1] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/
Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
| -rw-r--r-- | docs/mk-ca-bundle.1 | 2 | ||||
| -rwxr-xr-x | lib/mk-ca-bundle.pl | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/docs/mk-ca-bundle.1 b/docs/mk-ca-bundle.1 index aa38612a8..7d38dba26 100644 --- a/docs/mk-ca-bundle.1 +++ b/docs/mk-ca-bundle.1 @@ -87,7 +87,7 @@ each certificate and output when run in plain text mode. Valid algorithms are: .RS -ALL, NONE, MD5 (default), SHA1, SHA256, SHA512 +ALL, NONE, MD5 (default), SHA1, SHA256, SHA384, SHA512 .RE .IP -u unlink (remove) certdata.txt after processing diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl index 51af5c99c..4278e8290 100755 --- a/lib/mk-ca-bundle.pl +++ b/lib/mk-ca-bundle.pl @@ -56,7 +56,7 @@ $opt_d = 'release'; # If the OpenSSL commandline is not in search path you can configure it here! my $openssl = 'openssl'; -my $version = '1.23'; +my $version = '1.24'; $opt_w = 76; # default base64 encoded lines length @@ -97,6 +97,7 @@ my @valid_signature_algorithms = ( "MD5", "SHA1", "SHA256", + "SHA384", "SHA512" ); |