From e9ab1fcd8dd27c25032d57ebd83fe2afc9f0758e Mon Sep 17 00:00:00 2001
From: Anna Khmelnitsky <akhmelnitsky@vmware.com>
Date: Fri, 25 May 2018 12:41:44 -0700
Subject: [PATCH] Remove sha224 from supported client cert hash algs

This is no longer supported by platform

Change-Id: I39cbb1a718bcbe0bd9e0ccff9b9cae4fdddcaccf
---
 vmware_nsxlib/tests/unit/v3/test_cert.py | 2 +-
 vmware_nsxlib/v3/client_cert.py          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/vmware_nsxlib/tests/unit/v3/test_cert.py b/vmware_nsxlib/tests/unit/v3/test_cert.py
index b0498ea7..408dbe10 100644
--- a/vmware_nsxlib/tests/unit/v3/test_cert.py
+++ b/vmware_nsxlib/tests/unit/v3/test_cert.py
@@ -289,7 +289,7 @@ class NsxV3ClientCertificateTestCase(nsxlib_testcase.NsxClientTestCase):
                             'subject': {}},
                            {'key_size': 4096,
                             'valid_for_days': 100,
-                            'signature_alg': 'sha',
+                            'signature_alg': 'sha224',
                             'subject': {}}]
 
         for args in bad_cert_values:
diff --git a/vmware_nsxlib/v3/client_cert.py b/vmware_nsxlib/v3/client_cert.py
index 2a9f1df8..3bd4a4d4 100644
--- a/vmware_nsxlib/v3/client_cert.py
+++ b/vmware_nsxlib/v3/client_cert.py
@@ -44,7 +44,7 @@ def validate_cert_params(key_size, valid_for_days,
             {'value': key_size,
              'list': expected_key_sizes})
 
-    expected_signature_algs = ('sha224', 'sha256')
+    expected_signature_algs = ('sha256')
     if signature_alg not in expected_signature_algs:
         raise nsxlib_exceptions.NsxLibInvalidInput(
             error_message=_('Invalid signature algorithm %(value)s'