From cf282055f0acd6894b65d29672a6bcb79a3a9325 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Tue, 10 Nov 2015 09:00:20 +0200
Subject: [PATCH] In most OpenSSL versions (1.0.2 or earlier), SHA256 is NOT an
 available hashing algorithm (according to the documentation) and OpenSSL
 ignores the field and uses the default, which is MD5. Setting the default
 hash to SHA1.

---
 ssl-ca | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ssl-ca b/ssl-ca
index 463149b..b3cd24a 100755
--- a/ssl-ca
+++ b/ssl-ca
@@ -12,7 +12,7 @@ dir = $PWD
 certs = \$dir/certs
 certificate = \$dir/CA.crt
 private_key = \$dir/CA.key
-default_md = sha256
+default_md = sha1
 default_days = 365
 email_in_dn = no
 RANDFILE = /dev/urandom
@@ -22,7 +22,7 @@ database = /dev/null
 distinguished_name = req_distinguished_name
 prompt = no
 encrypt_key = no
-default_md = sha256
+default_md = sha1
 default_bits = 2048
 RANDFILE = /dev/urandom
 
-- 
GitLab