From 6aac3239b4ce9638c2c5647684dc4ff2a6afbb42 Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Wed, 28 Nov 2018 19:45:24 +0000
Subject: TLS: Increase RSA keysize of autogen selfsign cert

---
 doc/doc-txt/ChangeLog | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'doc')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index f575a10e1..1bf611011 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -155,6 +155,11 @@ JH/33 Bug 2338: Fix the cyrus-sasl authenticator to fill in the
       $authenticated_fail_id variable on authentication failure.  Previously
       it was unset.
 
+JH/34 Increase RSA keysize of autogen selfsign cert from 1024 to 2048.  RHEL 8.0
+      OpenSSL didn't want to use such a weak key.  Do for GnuTLS also, and for
+      more-modern GnuTLS move from GNUTLS_SEC_PARAM_LOW to
+      GNUTLS_SEC_PARAM_MEDIUM.
+
 
 Exim version 4.91
 -----------------
-- 
cgit v1.2.3