Bug 12953 - Samba's autogenerated SSL cert uses SHA1
Summary: Samba's autogenerated SSL cert uses SHA1
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.7.0rc3
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-09 04:42 UTC by Andrew Bartlett
Modified: 2017-08-30 07:12 UTC (History)
3 users (show)

See Also:


Attachments
possible patch for master (1.67 KB, patch)
2017-08-09 04:56 UTC, Andrew Bartlett
no flags Details
patch cherry-picked from master for 4.7 (1.78 KB, patch)
2017-08-18 03:12 UTC, Andrew Bartlett
garming: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2017-08-09 04:42:54 UTC
SHA1 is a bad idea, even for self-signed snake-oil certificates.
Comment 1 Andrew Bartlett 2017-08-09 04:56:53 UTC
Created attachment 13454 [details]
possible patch for master
Comment 2 Andrew Bartlett 2017-08-18 03:12:08 UTC
Created attachment 13481 [details]
patch cherry-picked from master for 4.7
Comment 3 Karolin Seeger 2017-08-21 09:34:38 UTC
Pushed to autobuild-v4-7-test.
Comment 4 Karolin Seeger 2017-08-30 07:12:58 UTC
Pushed to v4-7-test.
Closing out bug report.

Thanks!