Closed hisanhunais closed 3 months ago
Attention: Patch coverage is 50.00000%
with 13 lines
in your changes are missing coverage. Please review.
Project coverage is 41.62%. Comparing base (
9471b04
) to head (d2a9555
). Report is 11 commits behind head on master.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Purpose
This PR changes the default certificate hashing algorithm to SHA-256 instead of SHA-1.
The following flows are affected due to this change.
The certificate hashing algorithm used in generating API keys will now use SHA-256 as the hashing algorithm
The certificate hashing algorithm used in generating backend JWTs for JWT and Opaque token SPs will now use SHA-256 as the default hashing algorithm. A config is provided to use SHA-1 as follows.
api-manager.xml.j2
To use SHA-1 instead of SHA-256, the following has to be added to the deployment.toml.
deployment.toml
[1] https://github.com/wso2/product-apim/pull/13455