summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pki/base/ca/shared/conf/CS.cfg16
-rw-r--r--pki/base/kra/shared/conf/CS.cfg10
-rw-r--r--pki/base/ocsp/shared/conf/CS.cfg10
-rw-r--r--pki/base/ra/doc/CS.cfg4
-rw-r--r--pki/base/tks/shared/conf/CS.cfg8
-rw-r--r--pki/base/tps/doc/CS.cfg6
6 files changed, 27 insertions, 27 deletions
diff --git a/pki/base/ca/shared/conf/CS.cfg b/pki/base/ca/shared/conf/CS.cfg
index 8eab9d87f..3ebd84d6a 100644
--- a/pki/base/ca/shared/conf/CS.cfg
+++ b/pki/base/ca/shared/conf/CS.cfg
@@ -52,7 +52,7 @@ preop.cert.ocsp_signing.enable=true
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=true
-preop.cert.signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.signing.dn=CN=Certificate Authority
preop.cert.signing.cncomponent.override=true
preop.cert.signing.keysize.size=2048
@@ -63,7 +63,7 @@ preop.cert.signing.signing.required=true
preop.cert.signing.subsystem=ca
preop.cert.signing.type=selfsign
preop.cert.signing.userfriendlyname=CA Signing Certificate
-preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=CA Audit Signing Certificate
preop.cert.audit_signing.keysize.custom_size=2048
preop.cert.audit_signing.keysize.size=2048
@@ -74,7 +74,7 @@ preop.cert.audit_signing.subsystem=ca
preop.cert.audit_signing.type=local
preop.cert.audit_signing.userfriendlyname=CA Audit Signing Certificate
preop.cert.audit_signing.cncomponent.override=true
-preop.cert.ocsp_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.ocsp_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.ocsp_signing.dn=CN=OCSP Signing Certificate
preop.cert.ocsp_signing.keysize.custom_size=2048
preop.cert.ocsp_signing.keysize.size=2048
@@ -85,7 +85,7 @@ preop.cert.ocsp_signing.subsystem=ca
preop.cert.ocsp_signing.type=local
preop.cert.ocsp_signing.userfriendlyname=OCSP Signing Certificate
preop.cert.ocsp_signing.cncomponent.override=true
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME]
preop.cert.sslserver.keysize.custom_size=2048
preop.cert.sslserver.keysize.size=2048
@@ -96,7 +96,7 @@ preop.cert.sslserver.subsystem=ca
preop.cert.sslserver.type=local
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=CA Subsystem Certificate
preop.cert.subsystem.keysize.custom_size=2048
preop.cert.subsystem.keysize.size=2048
@@ -107,7 +107,7 @@ preop.cert.subsystem.subsystem=ca
preop.cert.subsystem.type=local
preop.cert.subsystem.userfriendlyname=Subsystem Certificate
preop.cert.subsystem.cncomponent.override=true
-preop.cert.admin.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.admin.defaultSigningAlgorithm=SHA256withRSA
preop.cert.admin.dn=uid=admin,cn=admin
preop.cert.admin.keysize.custom_size=2048
preop.cert.admin.keysize.size=2048
@@ -563,7 +563,7 @@ ca.crl.MasterCRL.includeExpiredCerts=false
ca.crl.MasterCRL.minUpdateInterval=0
ca.crl.MasterCRL.nextUpdateGracePeriod=0
ca.crl.MasterCRL.publishOnStart=false
-ca.crl.MasterCRL.signingAlgorithm=SHA1withRSA
+ca.crl.MasterCRL.signingAlgorithm=SHA256withRSA
ca.crl.MasterCRL.updateSchema=1
ca.crl.MasterCRL.extension.AuthorityInformationAccess.accessLocation0=
ca.crl.MasterCRL.extension.AuthorityInformationAccess.accessLocationType0=URI
@@ -631,7 +631,7 @@ ca.notification.requestInQ.enabled=false
ca.notification.requestInQ.recipientEmail=
ca.notification.requestInQ.senderEmail=
ca.ocsp_signing.cacertnickname=ocspSigningCert cert-[PKI_INSTANCE_ID]
-ca.ocsp_signing.defaultSigningAlgorithm=SHA1withRSA
+ca.ocsp_signing.defaultSigningAlgorithm=SHA256withRSA
ca.ocsp_signing.tokenname=internal
ca.publish.createOwnDNEntry=false
ca.publish.queue.enable=true
diff --git a/pki/base/kra/shared/conf/CS.cfg b/pki/base/kra/shared/conf/CS.cfg
index 69a33d570..56944d5fc 100644
--- a/pki/base/kra/shared/conf/CS.cfg
+++ b/pki/base/kra/shared/conf/CS.cfg
@@ -42,7 +42,7 @@ preop.cert.storage.enable=true
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=true
-preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=DRM Audit Signing Certificate
preop.cert.audit_signing.keysize.custom_size=2048
preop.cert.audit_signing.keysize.size=2048
@@ -53,7 +53,7 @@ preop.cert.audit_signing.subsystem=kra
preop.cert.audit_signing.type=remote
preop.cert.audit_signing.userfriendlyname=DRM Audit Signing Certificate
preop.cert.audit_signing.cncomponent.override=true
-preop.cert.storage.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.storage.defaultSigningAlgorithm=SHA256withRSA
preop.cert.storage.dn=CN=DRM Storage Certificate
preop.cert.storage.keysize.custom_size=2048
preop.cert.storage.keysize.size=2048
@@ -64,7 +64,7 @@ preop.cert.storage.subsystem=kra
preop.cert.storage.type=remote
preop.cert.storage.userfriendlyname=Storage Certificate
preop.cert.storage.cncomponent.override=true
-preop.cert.transport.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.transport.defaultSigningAlgorithm=SHA256withRSA
preop.cert.transport.dn=CN=DRM Transport Certificate
preop.cert.transport.keysize.custom_size=2048
preop.cert.transport.keysize.size=2048
@@ -75,7 +75,7 @@ preop.cert.transport.subsystem=kra
preop.cert.transport.type=remote
preop.cert.transport.userfriendlyname=Transport Certificate
preop.cert.transport.cncomponent.override=true
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME]
preop.cert.sslserver.keysize.custom_size=2048
preop.cert.sslserver.keysize.size=2048
@@ -86,7 +86,7 @@ preop.cert.sslserver.subsystem=kra
preop.cert.sslserver.type=remote
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=DRM Subsystem Certificate
preop.cert.subsystem.keysize.custom_size=2048
preop.cert.subsystem.keysize.size=2048
diff --git a/pki/base/ocsp/shared/conf/CS.cfg b/pki/base/ocsp/shared/conf/CS.cfg
index 79b045ee6..e4f0d2d7b 100644
--- a/pki/base/ocsp/shared/conf/CS.cfg
+++ b/pki/base/ocsp/shared/conf/CS.cfg
@@ -45,7 +45,7 @@ preop.cert.ocsp_signing.enable=true
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=true
-preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=OCSP Audit Signing Certificate
preop.cert.audit_signing.keysize.custom_size=2048
preop.cert.audit_signing.keysize.size=2048
@@ -56,7 +56,7 @@ preop.cert.audit_signing.subsystem=ocsp
preop.cert.audit_signing.type=remote
preop.cert.audit_signing.userfriendlyname=OCSP Audit Signing Certificate
preop.cert.audit_signing.cncomponent.override=true
-preop.cert.signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.signing.dn=CN=OCSP Signing Certificate
preop.cert.signing.keysize.custom_size=2048
preop.cert.signing.keysize.size=2048
@@ -67,7 +67,7 @@ preop.cert.signing.subsystem=ocsp
preop.cert.signing.type=remote
preop.cert.signing.userfriendlyname=OCSP Signing Certificate
preop.cert.signing.cncomponent.override=true
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME]
preop.cert.sslserver.keysize.custom_size=2048
preop.cert.sslserver.keysize.size=2048
@@ -78,7 +78,7 @@ preop.cert.sslserver.subsystem=ocsp
preop.cert.sslserver.type=remote
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=OCSP Subsystem Certificate
preop.cert.subsystem.keysize.custom_size=2048
preop.cert.subsystem.keysize.size=2048
@@ -250,7 +250,7 @@ logError.fileName=[PKI_INSTANCE_PATH]/logs/error
ocsp.certNickname=
ocsp.storeId=defStore
ocsp.signing.certnickname=
-ocsp.signing.defaultSigningAlgorithm=SHA1withRSA
+ocsp.signing.defaultSigningAlgorithm=SHA256withRSA
ocsp.signing.tokenname=internal
ocsp.store.defStore.class=com.netscape.cms.ocsp.DefStore
ocsp.store.defStore.includeNextUpdate=false
diff --git a/pki/base/ra/doc/CS.cfg b/pki/base/ra/doc/CS.cfg
index 052d01f7e..0fc0efb36 100644
--- a/pki/base/ra/doc/CS.cfg
+++ b/pki/base/ra/doc/CS.cfg
@@ -211,7 +211,7 @@ preop.cert._002=#########################################
preop.cert.list=sslserver,subsystem
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[SERVER_NAME], OU=[PKI_INSTANCE_ID]
preop.cert.sslserver.keysize.customsize=2048
preop.cert.sslserver.keysize.size=2048
@@ -222,7 +222,7 @@ preop.cert.sslserver.subsystem=ra
preop.cert._003=#preop.cert.sslserver.type=local
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert._004=#preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=RA Subsystem Certificate, OU=[PKI_INSTANCE_ID]
preop.cert.subsystem.keysize.customsize=2048
preop.cert.subsystem.keysize.size=2048
diff --git a/pki/base/tks/shared/conf/CS.cfg b/pki/base/tks/shared/conf/CS.cfg
index 158166316..55689d701 100644
--- a/pki/base/tks/shared/conf/CS.cfg
+++ b/pki/base/tks/shared/conf/CS.cfg
@@ -35,7 +35,7 @@ preop.cert.list=sslserver,subsystem,audit_signing
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=true
-preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=TKS Audit Signing Certificate
preop.cert.audit_signing.keysize.custom_size=2048
preop.cert.audit_signing.keysize.size=2048
@@ -46,7 +46,7 @@ preop.cert.audit_signing.subsystem=tks
preop.cert.audit_signing.type=remote
preop.cert.audit_signing.userfriendlyname=TKS Audit Signing Certificate
preop.cert.audit_signing.cncomponent.override=true
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[PKI_MACHINE_NAME]
preop.cert.sslserver.keysize.custom_size=2048
preop.cert.sslserver.keysize.size=2048
@@ -57,7 +57,7 @@ preop.cert.sslserver.subsystem=tks
preop.cert.sslserver.type=remote
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=TKS Subsystem Certificate
preop.cert.subsystem.keysize.custom_size=2048
preop.cert.subsystem.keysize.size=2048
@@ -68,7 +68,7 @@ preop.cert.subsystem.subsystem=tks
preop.cert.subsystem.type=remote
preop.cert.subsystem.userfriendlyname=Subsystem Certificate
preop.cert.subsystem.cncomponent.override=true
-preop.cert.admin.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.admin.defaultSigningAlgorithm=SHA256withRSA
preop.cert.admin.dn=uid=admin,cn=admin
preop.cert.admin.keysize.custom_size=2048
preop.cert.admin.keysize.size=2048
diff --git a/pki/base/tps/doc/CS.cfg b/pki/base/tps/doc/CS.cfg
index 3750c6da0..f511c97fb 100644
--- a/pki/base/tps/doc/CS.cfg
+++ b/pki/base/tps/doc/CS.cfg
@@ -376,7 +376,7 @@ preop.cert.list=sslserver,subsystem,audit_signing
preop.cert.sslserver.enable=true
preop.cert.subsystem.enable=true
preop.cert.audit_signing.enable=false
-preop.cert.sslserver.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.sslserver.defaultSigningAlgorithm=SHA256withRSA
preop.cert.sslserver.dn=CN=[SERVER_NAME], OU=[PKI_INSTANCE_ID]
preop.cert.sslserver.keysize.customsize=2048
preop.cert.sslserver.keysize.size=2048
@@ -387,7 +387,7 @@ preop.cert.sslserver.subsystem=tps
preop.cert._003=#preop.cert.sslserver.type=local
preop.cert.sslserver.userfriendlyname=SSL Server Certificate
preop.cert._004=#preop.cert.sslserver.cncomponent.override=false
-preop.cert.subsystem.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.subsystem.defaultSigningAlgorithm=SHA256withRSA
preop.cert.subsystem.dn=CN=TPS Subsystem Certificate, OU=[PKI_INSTANCE_ID]
preop.cert.subsystem.keysize.customsize=2048
preop.cert.subsystem.keysize.size=2048
@@ -398,7 +398,7 @@ preop.cert.subsystem.subsystem=tps
preop.cert._005=#preop.cert.subsystem.type=local
preop.cert.subsystem.userfriendlyname=Subsystem Certificate
preop.cert._006=#preop.cert.subsystem.cncomponent.override=true
-preop.cert.audit_signing.defaultSigningAlgorithm=SHA1withRSA
+preop.cert.audit_signing.defaultSigningAlgorithm=SHA256withRSA
preop.cert.audit_signing.dn=CN=TPS Audit Signing Certificate, OU=[PKI_INSTANCE_ID]
preop.cert.audit_signing.keysize.customsize=2048
preop.cert.audit_signing.keysize.size=2048
generated by cgit (git 2.34.1) at 2024-11-15 17:14:57 +0000