Please update ca.pem with SHA256 hashsum
I'm struggling to convert PEM certificates into CSR to tweak and resign them.
The ca.pem certificate that is listed in the docs and used in compat tests only has MD5 and SH1 hashes. Can you also please add SHA256 hash to it?
As per ssl-pulse survey there are no SHA1 certs on the public internet anymore and Ubuntu/Debian OpenSSL rejects SHA1 certs in default configuration. (SECLEVEL=2)