RT2626: Change default_bits from 1K to 2K This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org>
diff --git a/apps/openssl.cnf b/apps/openssl.cnf index 514e640..41c2a37 100644 --- a/apps/openssl.cnf +++ b/apps/openssl.cnf
@@ -103,7 +103,7 @@ #################################################################### [ req ] -default_bits = 1024 +default_bits = 2048 default_keyfile = privkey.pem distinguished_name = req_distinguished_name attributes = req_attributes