aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBruno Thomsen <bth@kamstrup.dk>2014-10-15 12:48:27 +0200
committerDaniel Stenberg <daniel@haxx.se>2014-10-15 13:23:22 +0200
commit3621045631efc4c66673ece91785487a281180c8 (patch)
tree56959e709d74f0686b815903ecd36b11c3fbdc63
parente64bc7cde6bf30b0bfa4e562b3d00a598771522f (diff)
mk-ca-bundle: added SHA-384 signature algorithm
Certificates based on SHA-1 are being phased out[1]. So we should expect a rise in certificates based on SHA-2. Adding SHA-384 as a valid signature algorithm. [1] https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/ Signed-off-by: Bruno Thomsen <bth@kamstrup.dk>
-rw-r--r--docs/mk-ca-bundle.12
-rwxr-xr-xlib/mk-ca-bundle.pl3
2 files changed, 3 insertions, 2 deletions
diff --git a/docs/mk-ca-bundle.1 b/docs/mk-ca-bundle.1
index aa38612a8..7d38dba26 100644
--- a/docs/mk-ca-bundle.1
+++ b/docs/mk-ca-bundle.1
@@ -87,7 +87,7 @@ each certificate and output when run in plain text mode.
Valid algorithms are:
.RS
-ALL, NONE, MD5 (default), SHA1, SHA256, SHA512
+ALL, NONE, MD5 (default), SHA1, SHA256, SHA384, SHA512
.RE
.IP -u
unlink (remove) certdata.txt after processing
diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl
index 51af5c99c..4278e8290 100755
--- a/lib/mk-ca-bundle.pl
+++ b/lib/mk-ca-bundle.pl
@@ -56,7 +56,7 @@ $opt_d = 'release';
# If the OpenSSL commandline is not in search path you can configure it here!
my $openssl = 'openssl';
-my $version = '1.23';
+my $version = '1.24';
$opt_w = 76; # default base64 encoded lines length
@@ -97,6 +97,7 @@ my @valid_signature_algorithms = (
"MD5",
"SHA1",
"SHA256",
+ "SHA384",
"SHA512"
);