Skip to content

Commit 6068b7a

Browse files
author
Till Brehm
committed
Changed SSL cert generation mode to SHA256.
1 parent 4c4739d commit 6068b7a

File tree

2 files changed

+4
-2
lines changed

2 files changed

+4
-2
lines changed

server/plugins-available/apache2_plugin.inc.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,7 @@ function ssl($event_name, $data) {
148148
149149
[ req ]
150150
default_bits = 2048
151+
default_md = sha256
151152
default_keyfile = keyfile.pem
152153
distinguished_name = req_distinguished_name
153154
attributes = req_attributes
@@ -188,7 +189,7 @@ function ssl($event_name, $data) {
188189
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
189190

190191
exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file 2048");
191-
exec("openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
192+
exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
192193
exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file -out $openssl_cmd_key_file2");
193194

194195
if(file_exists($web_config['CA_path'].'/openssl.cnf'))

server/plugins-available/nginx_plugin.inc.php

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -147,6 +147,7 @@ function ssl($event_name, $data) {
147147
148148
[ req ]
149149
default_bits = 2048
150+
default_md = sha256
150151
default_keyfile = keyfile.pem
151152
distinguished_name = req_distinguished_name
152153
attributes = req_attributes
@@ -187,7 +188,7 @@ function ssl($event_name, $data) {
187188
if(is_file($ssl_cnf_file) && !is_link($ssl_cnf_file)) {
188189

189190
exec("openssl genrsa -des3 -rand $rand_file -passout pass:$ssl_password -out $openssl_cmd_key_file 2048");
190-
exec("openssl req -new -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
191+
exec("openssl req -new -sha256 -passin pass:$ssl_password -passout pass:$ssl_password -key $openssl_cmd_key_file -out $openssl_cmd_csr_file -days $ssl_days -config $config_file");
191192
exec("openssl rsa -passin pass:$ssl_password -in $openssl_cmd_key_file -out $openssl_cmd_key_file2");
192193

193194
if(file_exists($web_config['CA_path'].'/openssl.cnf'))

0 commit comments

Comments
 (0)