From 88a0fdcda78aea8653ba9070d34264ff93ce57b1 Mon Sep 17 00:00:00 2001 From: Brian West Date: Wed, 17 Apr 2013 09:48:48 -0500 Subject: [PATCH] 2048 and sha1 default. --- src/switch_core_cert.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/switch_core_cert.c b/src/switch_core_cert.c index b2620368f4..1ff065354c 100644 --- a/src/switch_core_cert.c +++ b/src/switch_core_cert.c @@ -267,7 +267,7 @@ SWITCH_DECLARE(int) switch_core_gen_certs(const char *prefix) //bio_err=BIO_new_fp(stderr, BIO_NOCLOSE); - mkcert(&x509, &pkey, 512, 0, 365); + mkcert(&x509, &pkey, 2048, 0, 365); //RSA_print_fp(stdout, pkey->pkey.rsa, 0); //X509_print_fp(stdout, x509); @@ -390,7 +390,7 @@ static int mkcert(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days add_ext(x, NID_netscape_comment, "Self-Signed CERT for DTLS"); - if (!X509_sign(x, pk, EVP_md5())) + if (!X509_sign(x, pk, EVP_sha1())) goto err; *x509p=x;