Commit
9ff33ca7 (ovs-pki: Use SHA-512 instead of MD5 as message
digest.) changes the message digest algorithm to SHA-512. This
seems to break the unit tests on some xenserver 5.6/6.0 builds
causing the error: "SSL_connect: error:
0D0C50A1:asn1 encoding
routines:ASN1_item_verify:unknown message digest algorithm".
As a solution, this commit changes the message digest algorithm
to SHA-1 which works for both the above xenserver builds and
centos 7.
VMware-BZ: #
1304530
Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
v2.3.1 - xx xxx xxxx
---------------------
- Compatibility with autoconf 2.63 (previously >=2.64)
-
+ - ovs-pki: Changed message digest algorithm from MD5 to SHA-1 because
+ MD5 is no longer secure and some operating systems have started to disable
+ it in OpenSSL.
v2.3.0 - 14 Aug 2014
---------------------
RANDFILE = $dir/private/.rand # random number file
default_days = 3650 # how long to certify for
default_crl_days= 30 # how long before next CRL
-default_md = md5 # md to use
+default_md = sha1 # message digest to use
policy = policy # default policy
email_in_dn = no # Don't add the email into cert DN
name_opt = ca_default # Subject name display option