Commit Graph

3 Commits

Author SHA1 Message Date
Christian Heimes 49d65958e1 [2.7] bpo-34542: Update test certs and keys (GH-8997) (GH-9397)
Update all test certs and keys to use future proof crypto settings:

* 3072 bit RSA keys
* SHA-256 signature

Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit e6dac00779)



https://bugs.python.org/issue34542
2018-09-20 03:33:53 -07:00
Christian Heimes 1f34aece28
[2.7] bpo-34399: 2048 bits RSA keys and DH params (GH-8762) (GH-8765)
Downstream vendors have started to deprecate weak keys. Update all RSA keys
and DH params to use at least 2048 bits.

Finite field DH param file use RFC 7919 values, generated with

    certtool --get-dh-params --sec-param=high

Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 88bfd0bce0)

Co-authored-by: Christian Heimes <christian@python.org>
2018-08-14 16:53:04 +02:00
Christian Heimes 6663eb6b72 Issue #27691: Fix ssl module's parsing of GEN_RID subject alternative name fields in X.509 certs. 2016-09-06 23:25:35 +02:00