use the specified digest for the CSR
authorale <ale@incal.net>
Sat, 27 Sep 2014 08:32:33 +0000 (09:32 +0100)
committerale <ale@incal.net>
Sat, 27 Sep 2014 08:32:33 +0000 (09:32 +0100)
cam/ca.py

index f870389..3344c43 100644 (file)
--- a/cam/ca.py
+++ b/cam/ca.py
@@ -187,6 +187,7 @@ class CA(object):
             openssl_wrap.run_with_config(
                 self.basedir, conf_file,
                 'req', '-new', '-keyout', cert.private_key_file,
             openssl_wrap.run_with_config(
                 self.basedir, conf_file,
                 'req', '-new', '-keyout', cert.private_key_file,
+                '-' + self.config['signature_algorithm'],
                 '-nodes', '-out', csr_file)
             os.chmod(cert.private_key_file, 0600)
             openssl_wrap.run_with_config(
                 '-nodes', '-out', csr_file)
             os.chmod(cert.private_key_file, 0600)
             openssl_wrap.run_with_config(