Bug 2085499
| Summary: | openssl req defaults to 3DES [rhel-9.0.0.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | RHEL Program Management Team <pgm-rhel-tools> |
| Component: | openssl | Assignee: | Dmitry Belyavskiy <dbelyavs> |
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 9.0 | CC: | dbelyavs, fdvorak, hkario, ssorce |
| Target Milestone: | rc | Keywords: | Triaged, ZStream |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openssl-3.0.1-29 | Doc Type: | Bug Fix |
| Doc Text: |
.OpenSSL generated private keys encrypted with 3DES using the req tool
OpenSSL req tool previously was generating private key files encrypted with the 3DES algorithm. As it is considered weak now, and is not an algorithm included in FIPS certification of RHEL-9, the generated files will now use AES-256-CBC instead. The overall file format: PKCS#8, with PBES2 and PBKDF2 remains unchanged.
|
Story Points: | --- |
| Clone Of: | 2063947 | Environment: | |
| Last Closed: | 2022-08-30 16:02:35 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2063947 | ||
| Bug Blocks: | |||
|
Comment 11
errata-xmlrpc
2022-08-30 16:02:35 UTC
|