sge_ca should use sha256 signatures by default
|Reported by:||tourist||Owned by:|
Current versions of openssl (e.g. the one in RHEL/CentOS 7) have deprecated older, less secure signature algorithms. This includes md5, which is used by default by sge_ca when running in CSP mode. The result of this is hard-to-diagnose failures when trying to run in CSP mode on such a distribution. Examples include sge_qmaster failing to start on CentOS 7, and a CentOS 7 submit host failing when trying to talk to a CentOS 6 queue master.
Changing the default signature algorithm to sha256 seems to entirely resolve this issue.