ca8c701 Add SHA384withRSA as a certificate signing algorithm

15 files Authored by rcritten 2 years ago, Committed by frenaud 2 years ago,
    Add SHA384withRSA as a certificate signing algorithm
    
    It required support in dogtag which was added in 10.5.0.
    
    This is only easily configurable during installation because
    it will set ca.signing.defaultSigningAlgorithm to the
    selected algorithm in CS.cfg
    
    The certificate profiles will generally by default set
    default.params.signingAlg=- which means use the CA default.
    
    So while an existing installation will technically allow
    SHA384withRSA it will require profile changes and/or
    changing the defaultSigningAlgorithm in CS.cfg and
    restarting (completely untested). And that won't affect
    already issued-certificates.
    
    https://pagure.io/freeipa/issue/8906
    
    Signed-off-by: Rob Crittenden <rcritten@redhat.com>
    Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
    
        
file modified
+1 -0