mirror of
https://github.com/matrix-construct/construct
synced 2024-12-26 15:33:54 +01:00
ircd.conf.example: use certfp_method = spki_sha256
SHA1 is insecure. SHA2-512 is a bit long. Hashes of the full certificate are really impractical and people need to stop using them.
This commit is contained in:
parent
5adde7a4ed
commit
7380ded584
2 changed files with 2 additions and 2 deletions
|
@ -614,7 +614,7 @@ general {
|
|||
throttle_count = 4;
|
||||
max_ratelimit_tokens = 30;
|
||||
away_interval = 30;
|
||||
certfp_method = sha1;
|
||||
certfp_method = spki_sha256;
|
||||
hide_opers_in_whois = no;
|
||||
};
|
||||
|
||||
|
|
|
@ -1410,7 +1410,7 @@ general {
|
|||
* constant even if the certificate is reissued. These fingerprints will be prefixed with
|
||||
* "SPKI:SHA2-256:" or "SPKI:SHA2-512:" depending on the hash type.
|
||||
*/
|
||||
certfp_method = sha1;
|
||||
certfp_method = spki_sha256;
|
||||
|
||||
/* hide_opers_in_whois: if set to YES, then oper status will be hidden in /WHOIS output. */
|
||||
hide_opers_in_whois = no;
|
||||
|
|
Loading…
Reference in a new issue