From 0fcad8f65e1066baf1bb4340278ada06e4373cc8 Mon Sep 17 00:00:00 2001
From: Jeffrey Townsend <jeffrey.townsend@bigswitch.com>
Date: Wed, 22 Jun 2016 20:56:15 +0000
Subject: [PATCH] Use -sha256 for certificate signing.

---
 .../base/all/vendor-config-onl/src/python/onl/pki/__init__.py   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/base/all/vendor-config-onl/src/python/onl/pki/__init__.py b/packages/base/all/vendor-config-onl/src/python/onl/pki/__init__.py
index ad96778e..f5c27b73 100755
--- a/packages/base/all/vendor-config-onl/src/python/onl/pki/__init__.py
+++ b/packages/base/all/vendor-config-onl/src/python/onl/pki/__init__.py
@@ -58,7 +58,7 @@ class OnlPki(OnlServiceMixin):
                         os.makedirs(self.CONFIG_PKI_DIR)
                     self._execute("""openssl req -new -batch -subj "%s" -key %s -out %s""" % (
                             subject, self.kpath, csr.name))
-                    self._execute("""openssl x509 -req -days %s -in %s -signkey %s -out %s""" % (
+                    self._execute("""openssl x509 -req -days %s -sha256 -in %s -signkey %s -out %s""" % (
                             sysconfig.pki.cert.csr.cdays,
                             csr.name, self.kpath, self.cpath))
                 os.unlink(csr.name)