Upgrade HMAC digest algorithm to SHA-512

This was long overdue for compatibility reasons. My decision to force the upgrade now, has been made following recomendations published in the OpenVPN 2.4 audit performed by Cryptography Engineering LLC.
2024-07-02 17:55:47 +02:00 · 2017-06-04 13:16:57 +02:00 · 2017-06-04 13:16:57 +02:00 · c0f0d47a64
commit c0f0d47a64
parent bcca288029
1 changed files with 2 additions and 0 deletions
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@ -264,6 +264,7 @@ ca ca.crt
 cert server.crt
 key server.key
 dh dh.pem
+auth SHA512
 tls-auth ta.key 0
 topology subnet
 server 10.8.0.0 255.255.255.0
@ -402,6 +403,7 @@ nobind
 persist-key
 persist-tun
 remote-cert-tls server
+auth SHA512
 cipher AES-256-CBC
 comp-lzo
 setenv opt block-outside-dns