Changed the default value of the "ess_cert_id_alg" option

This is used to calculate the TSA's public key certificate identifier. The default algorithm is changed from sha1 to sha256. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21794)
author: olszomal <Malgorzata.Olszowka@stunnel.org> 2023-08-21 09:29:28 +0200
committer: Tomas Mraz <tomas@openssl.org> 2023-08-25 15:05:51 +0200
commit: 10536b7f5b07aab3dc9631e94a56258155a1d942 (patch)
tree: d0ca8d3c14e86775c69f3d15af5d4c10a590156c /crypto
parent: 975f372a6f7ae20e0c4c55a930a6844f2585ee6d (diff)
download: openssl-10536b7f5b07aab3dc9631e94a56258155a1d942.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c
index c415839995..3fde53cf9f 100644
--- a/crypto/ts/ts_conf.c
+++ b/crypto/ts/ts_conf.c
@@ -481,7 +481,7 @@ int TS_CONF_set_ess_cert_id_digest(CONF *conf, const char *section,
     const char *md = NCONF_get_string(conf, section, ENV_ESS_CERT_ID_ALG);
 
     if (md == NULL)
-        md = "sha1";
+        md = "sha256";
 
     cert_md = EVP_get_digestbyname(md);
     if (cert_md == NULL) {
author	olszomal <Malgorzata.Olszowka@stunnel.org>	2023-08-21 09:29:28 +0200
committer	Tomas Mraz <tomas@openssl.org>	2023-08-25 15:05:51 +0200
commit	10536b7f5b07aab3dc9631e94a56258155a1d942 (patch)
tree	d0ca8d3c14e86775c69f3d15af5d4c10a590156c /crypto
parent	975f372a6f7ae20e0c4c55a930a6844f2585ee6d (diff)
download	openssl-10536b7f5b07aab3dc9631e94a56258155a1d942.tar.gz