Bug 12953 - Samba's autogenerated SSL cert uses SHA1
Summary: Samba's autogenerated SSL cert uses SHA1
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: AD: LDB/DSDB/SAMDB (show other bugs)
Version: 4.7.0rc3
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-08-09 04:42 UTC by Andrew Bartlett
Modified: 2017-08-30 07:12 UTC (History)
3 users (show)

See Also:

Attachments
possible patch for master (1.67 KB, patch)
2017-08-09 04:56 UTC, Andrew Bartlett 		no flags Details
patch cherry-picked from master for 4.7 (1.78 KB, patch)
2017-08-18 03:12 UTC, Andrew Bartlett 		garming: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Bartlett 2017-08-09 04:42:54 UTC 
SHA1 is a bad idea, even for self-signed snake-oil certificates.
Comment 1 Andrew Bartlett 2017-08-09 04:56:53 UTC 
Created attachment 13454 [details]
possible patch for master
Comment 2 Andrew Bartlett 2017-08-18 03:12:08 UTC 
Created attachment 13481 [details]
patch cherry-picked from master for 4.7
Comment 3 Karolin Seeger 2017-08-21 09:34:38 UTC 
Pushed to autobuild-v4-7-test.
Comment 4 Karolin Seeger 2017-08-30 07:12:58 UTC 
Pushed to v4-7-test.
Closing out bug report.

Thanks!