Hi,
I am an ILS Engineer working for CGI IT UK Limited. At the present time I am
looking at software obsolescence issues that relate to the CGI project I am
working on. On this project we use OpenSSL FIPS 1.2 and FIPS 1.2.4.
In order to support our process of monitoring software obsolescence I
This is a copy from https://bugzilla.redhat.com/show_bug.cgi?id=1062777
openssl currently employs SHA256 for signing certificates by default.
For larger key sizes, it would be better to choose a stronger hash
algorithm instead, as long as the user doesn't request some specific
algorithm. See
