Manuel Pégourié-Gonnard 351dd59e9a compat.sh: quit using SHA-1 certificates ... Replace server2.crt with server2-sha256.crt which, as the name implies, is just the SHA-256 version of the same certificate. Replace server1.crt with cert_sha256.crt which, as the name doesn't imply, is associated with the same key and just have a slightly different Subject Name, which doesn't matter in this instance. The other certificates used in this script (server5.crt and server6.crt) are already signed with SHA-256. This change is motivated by the fact that recent versions of GnuTLS (or older versions with the Debian patches) reject SHA-1 in certificates by default, as they should. There are options to still accept it (%VERIFY_ALLOW_BROKEN and %VERIFY_ALLOW_SIGN_WITH_SHA1) but: - they're not available in all versions that reject SHA-1-signed certs; - moving to SHA-2 just seems cleaner anyway. Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>		2020-08-21 13:42:27 +02:00
..
.jenkins	Add Jenkinsfile for PR job	2018-10-19 15:25:57 +01:00
configs	Update copyright notices to use Linux Foundation guidance	2020-08-19 16:54:51 +02:00
data_files	Update copyright notices to use Linux Foundation guidance	2020-08-19 16:54:51 +02:00
git-scripts	Fix license header in pre-commit hook	2020-08-20 09:27:07 +02:00
scripts	Update copyright notices to use Linux Foundation guidance	2020-08-19 16:54:51 +02:00
suites	Merge pull request #3556 from mpg/x509-verify-non-dns-san-2.7	2020-08-18 10:02:16 +02:00
.gitignore	Move some ignore patterns to subdirectories	2015-01-28 15:33:23 +00:00
CMakeLists.txt	Add a facility to skip running some test suites	2018-12-14 18:50:34 +01:00
compat.sh	compat.sh: quit using SHA-1 certificates	2020-08-21 13:42:27 +02:00
Descriptions.txt
Makefile	Merge remote-tracking branch 'origin/pr/2320' into mbedtls-2.7	2019-06-21 15:55:21 +01:00
ssl-opt.sh	Update copyright notices to use Linux Foundation guidance	2020-08-19 16:54:51 +02:00