Packstack

Packstack still generates certificates using SHA1

Bug #1515319 reported by slotti
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Packstack
New
Undecided
Unassigned

Bug Description

When using packstack the generated certificates are still hashed using SHA1 which is deprecated.
Should be using SHA256 instead.

Workaround for me on Redhat 7:
sed -i "s/cert.sign(k, 'sha1')/cert.sign(k, 'sha256')/g" /usr/lib/python2.7/site-packages/packstack/plugins/ssl_001.py
sed -i "s/cert.sign(ca_key, 'sha1')/cert.sign(ca_key, 'sha256')/g" /usr/lib/python2.7/site-packages/packstack/modules/ospluginutils.py

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.