Skip to content

Change RSASHA256 key length to be FIPS compliant

After commit f4eb3ba4, that is part of removing 'auto-dnssec', the inline system test started to fail in FIPS CI jobs. This is because the 'nsec3-loop' zone started to use a RSASHA256 key size of 1024 and this is not FIPS compliant.

This commit changes the key size from 1024 to 4096, in order to become FIPS compliant again.

Closes #4222 (closed)

Merge request reports