From 44e0c2bae4bfd87d770480902618dbccde84fd81 Mon Sep 17 00:00:00 2001
From: Kurt Roeckx <kurt@roeckx.be>
Date: Mon, 8 Sep 2014 17:14:36 -0400
Subject: RT2626: Change default_bits from 1K to 2K

This is a more comprehensive fix.  It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1.  This is from
Kurt's upstream Debian changes.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
---
 apps/openssl.cnf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'apps/openssl.cnf')

diff --git a/apps/openssl.cnf b/apps/openssl.cnf
index 514e64035b..41c2a37426 100644
--- a/apps/openssl.cnf
+++ b/apps/openssl.cnf
@@ -103,7 +103,7 @@ emailAddress		= optional
 
 ####################################################################
 [ req ]
-default_bits		= 1024
+default_bits		= 2048
 default_keyfile 	= privkey.pem
 distinguished_name	= req_distinguished_name
 attributes		= req_attributes
-- 
cgit v1.2.1