Update all test certs and keys to use future proof crypto settings:
* 3072 bit RSA keys
* SHA-256 signature
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit e6dac00779)
https://bugs.python.org/issue34542
Downstream vendors have started to deprecate weak keys. Update all RSA keys
and DH params to use at least 2048 bits.
Finite field DH param file use RFC 7919 values, generated with
certtool --get-dh-params --sec-param=high
Signed-off-by: Christian Heimes <christian@python.org>.
(cherry picked from commit 88bfd0bce0)
Co-authored-by: Christian Heimes <christian@python.org>