kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-02-05 02:34:18 +00:00
Code Issues Projects Releases Wiki Activity
35,764 Commits 55 Branches 148 Tags
Commit Graph

13 Commits

Author SHA1 Message Date
Sebastian Kemper
70d1cbafe4 [gentls_cert] Update message digest 
Debian Buster updated /etc/ssl/openssl.cnf to default to

MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2

gentls_cert currently uses SHA1 as message digest. According to OpenSSL
documentation this only offers 80 bit of security. 80 bits is enough for
security level 1, but not 2.

The OpenSSL default MD nowadays is SHA256. This commit updates
gentls_cert to use it.

Issue was reported on the FS mailing list. The certificates created by
gentls_cert caused "md too weak" errors and clients were unable to
connect.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
 2019-11-13 20:40:42 +01:00
Sebastian Kemper
b784fd535b FS-10055: Fix gentls_cert script to use "@certsdir@" 
Currently gentls_cert uses "@prefix@/conf/ssl". But FreeSWITCH's
configure script provides "@certsdir@", so let's use that instead.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
 2017-02-19 11:33:32 +01:00
Brian West
86f9029b98 Revert changes from FS-5719, You'll have to make these changes yourself locally if you want these types of certificates 2014-07-18 07:52:26 -05:00
Brian West
8b7c351fa4 FS-5719 --resolve 2013-08-21 11:29:48 -05:00
Brian West
bf2fc31aee FS-5695 --resolve 2013-08-21 11:21:04 -05:00
Brian West
c583224be1 FS-4375 --resolve 2012-07-02 14:30:39 -05:00
Brian West
2ec02e5445 FS-3890 2012-03-01 13:22:52 -06:00
Brian West
faf40311c6 FS-3777: --resolve 2011-12-22 13:58:25 -06:00
Brian West
408f28df07 FSBUILD-216 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@15965 d0543943-73ff-0310-b7d9-9358b9ac24b2
 2009-12-15 14:34:43 +00:00
Stefan Knoblich
87d8e4eda4 Add -days option to set expiration time of certificates in gentls_cert 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@13825 d0543943-73ff-0310-b7d9-9358b9ac24b2
 2009-06-17 23:11:19 +00:00
Stefan Knoblich
e1027f3967 More gentls_cert improvements: check for usable CA and improve confirmation prompt in create command 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@7266 d0543943-73ff-0310-b7d9-9358b9ac24b2
 2008-01-17 14:37:45 +00:00
Stefan Knoblich
df5ea7f602 Add -out option to specify filename for new cert, some other minor improvements 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@7265 d0543943-73ff-0310-b7d9-9358b9ac24b2
 2008-01-17 10:14:54 +00:00
Stefan Knoblich
24248ae102 Add gentls_cert script to create a CA and certificate for mod_sofia TLS 
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@7234 d0543943-73ff-0310-b7d9-9358b9ac24b2
 2008-01-15 14:53:05 +00:00