From 663247bf1181043d168a542b0d0d56cc0318e2f7 Mon Sep 17 00:00:00 2001 From: Pauli Date: Mon, 10 Feb 2020 10:23:57 +1000 Subject: [PATCH] Add NEWS entry about deprecation of command line public tools Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/10977) --- NEWS | 3 +++ 1 file changed, 3 insertions(+) diff --git a/NEWS b/NEWS index 4d7f0d01c6..ac3372dca5 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,9 @@ Major changes between OpenSSL 1.1.1 and OpenSSL 3.0.0 [under development] + o The algorithm specific public key command line applications have + been deprecated. These include dhparam, gendsa and others. The pkey + alternatives should be used intead: pkey, pkeyparam and genpkey. o X509 certificates signed using SHA1 are no longer allowed at security level 1 or higher. The default security level for TLS is 1, so certificates signed using SHA1 are by default no longer trusted to -- 2.25.1