open-vault

Commit Graph

Author	SHA1	Message	Date
Alexander Scheel	2518cd1d6c	Remove signature_bits on intermediate generate (#15478 ) * Remove signature_bits on intermediate generate This extraneous field wasn't respected during intermediate generation and it isn't clear that it should be. Strictly, this field, if it were to exist, would control the CSR's internal signature algorithm (certutil defaults to the sane SHA-256 here). However, there's little value in changing this as the signing authority can and probably will override the final certificate's signature bits value, completely ignoring whatever was in the provided CSR. Removing this field will now cause warnings for those providing the parameter (which already wasn't respected), which is the desired behavior. No breakage should occur as a result of this change. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>	2022-05-18 09:36:39 -04:00

Author

SHA1

Message

Date

Alexander Scheel

2518cd1d6c

Remove signature_bits on intermediate generate (#15478 )

* Remove signature_bits on intermediate generate

This extraneous field wasn't respected during intermediate generation
and it isn't clear that it should be. Strictly, this field, if it were
to exist, would control the CSR's internal signature algorithm (certutil
defaults to the sane SHA-256 here). However, there's little value in
changing this as the signing authority can and probably will override
the final certificate's signature bits value, completely ignoring
whatever was in the provided CSR.

Removing this field will now cause warnings for those providing the
parameter (which already wasn't respected), which is the desired
behavior. No breakage should occur as a result of this change.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

2022-05-18 09:36:39 -04:00

1 Commits