Make tests use sha256 as openssl default digest algorithm

The tests previously used md5, which is considered broken, and distros are starting to disable this in their openssl builds. Make the tests use sha256 as the default as a long term sane alternative that should work on all distros. This will fix Centos 7, and future proof the tests. Closes-Bug: #1399498 Change-Id: Ic6cc92e47a318d789db3c3c98c67948eefb51fc2 (cherry picked from commit f4495de5a04b03bbd6773b6b059ea0341a2d0aea)
author: Davanum Srinivas <davanum@gmail.com> 2015-02-05 13:57:04 -0500
committer: Artom Lifshitz <alifshit@redhat.com> 2015-02-24 17:27:54 -0500
commit: e27596102087984d2b8c9b74ef0e340c372d0b77 (patch)
tree: 33fa9ecf16d0953890a54524e04f6cf9d265ce5d
parent: c58d6441d9ed287917d711823a309c5df1659758 (diff)
download: nova-e27596102087984d2b8c9b74ef0e340c372d0b77.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/nova/CA/openssl.cnf.tmpl b/nova/CA/openssl.cnf.tmpl
index f87d9f3b21..838a9cdba3 100644
--- a/nova/CA/openssl.cnf.tmpl
+++ b/nova/CA/openssl.cnf.tmpl
@@ -34,7 +34,7 @@ private_key		= $dir/private/cakey.pem
 unique_subject		= no
 default_crl_days	= 365
 default_days		= 365
-default_md		= md5
+default_md		= sha256
 preserve		= no
 email_in_dn		= no
 nameopt			= default_ca
@@ -57,7 +57,7 @@ emailAddress		= optional
 [ req ]
 default_bits		= 1024			# Size of keys
 default_keyfile		= key.pem		# name of generated keys
-default_md		= md5			# message digest algorithm
+default_md		= sha256		# message digest algorithm
 string_mask		= nombstr		# permitted characters
 distinguished_name	= req_distinguished_name
author	Davanum Srinivas <davanum@gmail.com>	2015-02-05 13:57:04 -0500
committer	Artom Lifshitz <alifshit@redhat.com>	2015-02-24 17:27:54 -0500
commit	e27596102087984d2b8c9b74ef0e340c372d0b77 (patch)
tree	33fa9ecf16d0953890a54524e04f6cf9d265ce5d
parent	c58d6441d9ed287917d711823a309c5df1659758 (diff)
download	nova-e27596102087984d2b8c9b74ef0e340c372d0b77.tar.gz