rpms / openssl

Clone
Source Code
GIT

Blame SOURCES/0002-Use-more-general-default-values-in-openssl.cnf.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   6f4837a62767d45b85d58834ce121ef0f407192b
  2.   SOURCES
  3.   0002-Use-more-general-default-values-in-openssl.cnf.patch
Blob History Raw
2871ff 
From 41df9ae215cee9574e17e6f887c96a7c97d588f5 Mon Sep 17 00:00:00 2001
2871ff 
From: Tomas Mraz <tmraz@fedoraproject.org>
2871ff 
Date: Thu, 24 Sep 2020 09:03:40 +0200
2871ff 
Subject: Use more general default values in openssl.cnf
2871ff
2871ff 
Also set sha256 as default hash, although that should not be
2871ff 
necessary anymore.
2871ff
2871ff 
(was openssl-1.1.1-defaults.patch)
2871ff 
---
2871ff 
 apps/openssl.cnf | 12 +++++++-----
2871ff 
 1 file changed, 7 insertions(+), 5 deletions(-)
2871ff
2871ff 
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
2871ff 
index 97567a67be..eb25a0ac48 100644
2871ff 
--- a/apps/openssl.cnf
2871ff 
+++ b/apps/openssl.cnf
2871ff 
@@ -104,7 +104,7 @@ cert_opt 	= ca_default		# Certificate field options
2871ff
2871ff 
 default_days	= 365			# how long to certify for
2871ff 
 default_crl_days= 30			# how long before next CRL
2871ff 
-default_md	= default		# use public key default MD
2871ff 
+default_md	= sha256		# use SHA-256 by default
2871ff 
 preserve	= no			# keep passed DN ordering
2871ff
2871ff 
 # A few difference way of specifying how similar the request should look
2871ff 
@@ -136,6 +136,7 @@ emailAddress		= optional
2871ff 
 ####################################################################
2871ff 
 [ req ]
2871ff 
 default_bits		= 2048
2871ff 
+default_md		= sha256
2871ff 
 default_keyfile 	= privkey.pem
2871ff 
 distinguished_name	= req_distinguished_name
2871ff 
 attributes		= req_attributes
2871ff 
@@ -158,17 +159,18 @@ string_mask = utf8only
2871ff
2871ff 
 [ req_distinguished_name ]
2871ff 
 countryName			= Country Name (2 letter code)
2871ff 
-countryName_default		= AU
2871ff 
+countryName_default		= XX
2871ff 
 countryName_min			= 2
2871ff 
 countryName_max			= 2
2871ff
2871ff 
 stateOrProvinceName		= State or Province Name (full name)
2871ff 
-stateOrProvinceName_default	= Some-State
2871ff 
+#stateOrProvinceName_default	= Default Province
2871ff
2871ff 
 localityName			= Locality Name (eg, city)
2871ff 
+localityName_default		= Default City
2871ff
2871ff 
 0.organizationName		= Organization Name (eg, company)
2871ff 
-0.organizationName_default	= Internet Widgits Pty Ltd
2871ff 
+0.organizationName_default	= Default Company Ltd
2871ff
2871ff 
 # we can do this but it is not needed normally :-)
2871ff 
 #1.organizationName		= Second Organization Name (eg, company)
2871ff 
@@ -177,7 +179,7 @@ localityName			= Locality Name (eg, city)
2871ff 
 organizationalUnitName		= Organizational Unit Name (eg, section)
2871ff 
 #organizationalUnitName_default	=
2871ff
2871ff 
-commonName			= Common Name (e.g. server FQDN or YOUR name)
2871ff 
+commonName			= Common Name (eg, your name or your server\'s hostname)
2871ff 
 commonName_max			= 64
2871ff
2871ff 
 emailAddress			= Email Address
2871ff 
--
2871ff 
2.26.2
2871ff

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation