Change RSASHA256 key length to be FIPS compliant (!8131) · Merge requests · ISC Open Source Projects / BIND

Matthijs Mekking requested to merge 4222-inline-system-test-ns7-fails-to-start into main Jul 24, 2023

After commit f4eb3ba4, that is part of removing 'auto-dnssec', the inline system test started to fail in FIPS CI jobs. This is because the 'nsec3-loop' zone started to use a RSASHA256 key size of 1024 and this is not FIPS compliant.

This commit changes the key size from 1024 to 4096, in order to become FIPS compliant again.

Closes #4222 (closed)

Change RSASHA256 key length to be FIPS compliant

Merge request reports