Bug 1175904
Summary: | Does RHEL 5 openssl-0.9.8e* support SHA-2? | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | Bryan Totty <btotty> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5.11 | ||
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-12-19 08:07:16 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Bryan Totty
2014-12-18 20:50:03 UTC
The patch above is present in our packages. Basically there is full support for SHA-2 algorithms including X509 certificates except for TLS ciphersuites because the SHA-2 support in TLS ciphersuites is present in TLS 1.2 only which is not available in RHEL-5 OpenSSL. Of course the defaults for generating new certificates do not use SHA-2 because that was changed in later RHEL releases only. There is no problem with locally changing the default in openssl.conf by the system administrator though. I am closing the bug as NOTABUG, feel free to reopen and reassign to appropriate documentation component if you think this comment is not sufficient. Although I think that simple KBase article should be sufficient. |