Commit Graph

6 Commits

Author SHA1 Message Date
Yiming Jing
92f9db1746
tests/certs: rebuild certs with 2048-bit RSA keys
The previous test certificates contained RSA keys of only 1024 bits.
However, RSA claims that 1024-bit RSA keys are likely to become
crackable some time before 2010. The NIST recommends at least 2048-bit
keys for RSA for now.

Better use full 2048 also for testing.

Closes #2973
2018-09-12 16:09:17 +02:00
Marc Hoersken
b5486adc9b stunnel: regenerated self-signed test certificate with SHA1 hash
The previous test certificate contained a MD5 hash which is not
supported using TLSv1.2 with Schannel on Windows 7 or newer.

See the update to this blog post on IEInternals / MSDN:
http://blogs.msdn.com/b/ieinternals/archive/2011/03/25/
misbehaving-https-servers-impair-tls-1.1-and-tls-1.2.aspx

"Update: If the server negotiates a TLS1.2 connection with a
Windows 7 or 8 schannel.dll-using client application, and it
provides a certificate chain which uses the (weak) MD5 hash
algorithm, the client will abort the connection (TCP/IP FIN)
upon receipt of the certificate."
2014-02-22 16:49:09 +01:00
Yang Tse
e277d3b52b test harness: update stunnel.pem Diffie-Hellman parameters from 512 to 1024 bit 2012-01-25 11:50:44 +01:00
Daniel Stenberg
e3dab1bea2 jayjwa added the "DH PARAMETERS" to make this work with recent stunnels 2007-04-14 20:29:09 +00:00
Daniel Stenberg
3a61c98b65 Peter Sylvester brought code that now allows a callback to modified the URL
even when the multi interface is used, and then libcurl will simulate a
"follow location" to that new URL. Test 509 was added to test this feature.
2004-01-12 15:26:32 +00:00
Daniel Stenberg
0db04c4f56 added stunnel PEM 2001-09-17 08:41:45 +00:00