explicitly set digest in server cert generation

author elijah <elijah@riseup.net>

Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)

committer elijah <elijah@riseup.net>

Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)
author elijah <elijah@riseup.net>
Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)
committer elijah <elijah@riseup.net>
Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)
diff --git a/lib/leap_cli/commands/ca.rb b/lib/leap_cli/commands/ca.rb

index 9f1d42e2f36ec9df8af83867ee47a05a5386f218..4304c0df87bcc91b419d0c78bdf8e406c13344c3 100644 (file)
--- a/lib/leap_cli/commands/ca.rb
+++ b/lib/leap_cli/commands/ca.rb
@@ -109,7 +109,7 @@ module LeapCli; module Commands
      key = read_file!(key)
      openssl_cert = OpenSSL::X509::Certificate.new(crt)
      cert = CertificateAuthority::Certificate.from_openssl(openssl_cert)
-    cert.key_material.private_key = OpenSSL::PKey::RSA.new(key)  # second argument is password, if set
+    cert.key_material.private_key = OpenSSL::PKey::RSA.new(key, nil)  # second argument is password, if set
      return cert
    end
  
@@ -133,6 +133,9 @@ module LeapCli; module Commands
    #
    def server_signing_profile(node)
      {
+      #"digest" => "SHA512",
+      "digest" => "SHA256"
+      #"digest" => "SHA1",
        "extensions" => {
          "keyUsage" => {
            "usage" => ["digitalSignature", "keyAgreement"]
author	elijah <elijah@riseup.net>
	Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)
committer	elijah <elijah@riseup.net>
	Sat, 3 Nov 2012 02:15:21 +0000 (19:15 -0700)