webrick: fix tests on Debian sid/unstable with OpenSSL 1.1.1a

OpenSSL complains abour our keys being small and weak :< Make them big and strong with 2048-bit RSA keys and SHA256 digests git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66152 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2018-12-03 04:51:08 +00:00 · 2018-12-03 04:51:08 +00:00 · a063f71a7c
commit a063f71a7c
parent b94e344b9d
2 changed files with 3 additions and 3 deletions
--- a/lib/webrick/ssl.rb
+++ b/lib/webrick/ssl.rb
@ -130,7 +130,7 @@ module WEBrick
      aki = ef.create_extension("authorityKeyIdentifier",
                                "keyid:always,issuer:always")
      cert.add_extension(aki)
-      cert.sign(rsa, OpenSSL::Digest::SHA1.new)
+      cert.sign(rsa, OpenSSL::Digest::SHA256.new)

      return [ cert, rsa ]
    end
@ -181,7 +181,7 @@ module WEBrick
      unless config[:SSLCertificate]
        cn = config[:SSLCertName]
        comment = config[:SSLCertComment]
-        cert, key = Utils::create_self_signed_cert(1024, cn, comment)
+        cert, key = Utils::create_self_signed_cert(2048, cn, comment)
        config[:SSLCertificate] = cert
        config[:SSLPrivateKey] = key
      end
--- a/test/webrick/test_httpproxy.rb
+++ b/test/webrick/test_httpproxy.rb
@ -230,7 +230,7 @@ class TestWEBrickHTTPProxy < Test::Unit::TestCase
    cert.not_after = Time.now + 3600
    ef = OpenSSL::X509::ExtensionFactory.new(cert, cert)
    exts.each {|args| cert.add_extension(ef.create_extension(*args)) }
-    cert.sign(key, "sha1")
+    cert.sign(key, "sha256")
    return cert
  end if defined?(OpenSSL::SSL)