Over the coming months, web browsers will progressively start to first warn for certificate chains including SHA-1 hashes, then treat them as insecure (including disabling certain content - scripts etc). Chrome are initially doing this for certs expiring after Jan 2017, but will progressively slide it forward to certs expiring after Jan 2016.
Since my previous attempt to at least show this in ssl(8) examples for "openssl req" a few months ago, I've spent some time digging for where the defaults are set in the code as a nicer place to set sane values, but haven't tracked it down yet. Would it be OK to set it in the default config for now? (or does anyone have an idea of where in the code this comes from?) Index: openssl.cnf =================================================================== RCS file: /cvs/src/lib/libcrypto/openssl.cnf,v retrieving revision 1.1 diff -u -p -r1.1 openssl.cnf --- openssl.cnf 11 Apr 2014 22:51:53 -0000 1.1 +++ openssl.cnf 30 Sep 2014 22:42:53 -0000 @@ -7,7 +7,8 @@ #################################################################### [ req ] -default_bits = 1024 +default_bits = 2048 +default_md = sha256 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes
