From b637304542bf6739f8560a1ce4eeb8b9f6cd96de Mon Sep 17 00:00:00 2001
From: dmiller <dmiller@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Fri, 1 May 2026 19:12:23 +0000
Subject: [PATCH] Use SHA256 instead of SHA-1 for Ncat temporary cert

---
 ncat/ncat_ssl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ncat/ncat_ssl.c b/ncat/ncat_ssl.c
index b48f6675a..72d91534c 100644
--- a/ncat/ncat_ssl.c
+++ b/ncat/ncat_ssl.c
@@ -588,7 +588,7 @@ static int ssl_gen_cert(X509 **cert, EVP_PKEY **key)
 #endif
 
     /* Sign it. */
-    if (X509_sign(*cert, *key, EVP_sha1()) == 0)
+    if (X509_sign(*cert, *key, EVP_sha256()) == 0)
         goto err;
 
     return 1;