Use stronger RSA algorithm. JM-1521

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10959 b35dd754-fafc-0310-a699-88a17e54d16e

Use stronger RSA algorithm. JM-1521
git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10959 b35dd754-fafc-0310-a699-88a17e54d16e
39a15ea1 · Gaston Dombiak · gato · 46dcb3c5 · 39a15ea1
Commit 39a15ea1 authored Jan 28, 2009 by Gaston Dombiak Committed by gato Jan 28, 2009
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

CertificateManager.java src/java/org/jivesoftware/util/CertificateManager.java +2 -2

No files found.
--- a/src/java/org/jivesoftware/util/CertificateManager.java
+++ b/src/java/org/jivesoftware/util/CertificateManager.java
@@ -123,7 +123,7 @@ public class CertificateManager {
        // Generate public and private keys
        KeyPair keyPair = generateKeyPair("RSA", 1024);
        // Create X509 certificate with keys and specified domain
-        X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "MD5withRSA");
+        X509Certificate cert = createX509V3Certificate(keyPair, 60, issuerDN, subjectDN, domain, "SHA1WITHRSAENCRYPTION");
        // Store new certificate and private key in the keystore
        ksKeys.setKeyEntry(alias, keyPair.getPrivate(), keyPassword.toCharArray(), new X509Certificate[]{cert});
        // Notify listeners that a new certificate has been created
@@ -387,7 +387,7 @@ public class CertificateManager {

        PublicKey pubKey = cert.getPublicKey();

-        String signatureAlgorithm = "DSA".equals(pubKey.getAlgorithm()) ? "SHA1withDSA" : "MD5withRSA";
+        String signatureAlgorithm = "DSA".equals(pubKey.getAlgorithm()) ? "SHA1withDSA" : "SHA1WITHRSAENCRYPTION";

        PKCS10CertificationRequest csr =
                new PKCS10CertificationRequest(signatureAlgorithm, xname, pubKey, null, privKey);