| Index: net/data/ssl/scripts/ee.cnf
|
| diff --git a/net/data/ssl/scripts/ee.cnf b/net/data/ssl/scripts/ee.cnf
|
| index 5214f9e97f200397f4b6c04ed002af20433e6fdc..fa2a89b6ebf46fbc56b5e3a6fd0297b1a1df10e8 100644
|
| --- a/net/data/ssl/scripts/ee.cnf
|
| +++ b/net/data/ssl/scripts/ee.cnf
|
| @@ -3,7 +3,7 @@ KEY_SIZE = 2048
|
|
|
| [req]
|
| default_bits = ${ENV::KEY_SIZE}
|
| -default_md = sha1
|
| +default_md = sha256
|
| string_mask = utf8only
|
| prompt = no
|
| encrypt_key = no
|
| @@ -25,9 +25,16 @@ CN = Duplicate
|
| O = Bar
|
| CN = Duplicate
|
|
|
| +[req_punycode_dn]
|
| +CN = xn--wgv71a119e.com
|
| +
|
| [req_extensions]
|
| subjectAltName = IP:127.0.0.1
|
|
|
| +[req_punycode]
|
| +basicConstraints = critical, CA:true
|
| +subjectAltName = @punycode_san
|
| +
|
| [req_san_sanity]
|
| basicConstraints = critical, CA:true
|
| subjectAltName = @san_sanity
|
| @@ -50,3 +57,8 @@ CN=127.0.0.3
|
| DNS.1 = www.example.org
|
| DNS.2 = mail.example.org
|
| DNS.3 = mail.example.com
|
| +
|
| +[punycode_san]
|
| +DNS.1 = xn--wgv71a119e.com
|
| +DNS.2 = *.xn--wgv71a119e.com
|
| +DNS.3 = blahblahblahblah.com
|
|
|
Chromium Code Reviews
Issue 515583004:
Update test cert generation scripts to use SHA-256 by default (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@test_cert_scripts