diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb

index fedcb93..53ad621 100644

--- a/ext/openssl/extconf.rb

+++ b/ext/openssl/extconf.rb

@@ -169,6 +169,7 @@ have_func("SSL_CTX_set_post_handshake_auth")

 # added in 1.1.1

 have_func("EVP_PKEY_check")

+have_func("SSL_CTX_set_ciphersuites")

 # added in 3.0.0

 have_func("SSL_set0_tmp_dh_pkey")

diff --git a/ext/openssl/ossl.h b/ext/openssl/ossl.h

index 4b51268..2ab8aea 100644

--- a/ext/openssl/ossl.h

+++ b/ext/openssl/ossl.h

@@ -43,13 +43,13 @@

 #ifndef LIBRESSL_VERSION_NUMBER

 # define OSSL_IS_LIBRESSL 0

 # define OSSL_OPENSSL_PREREQ(maj, min, pat) \

-      (OPENSSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12))

+      (OPENSSL_VERSION_NUMBER >= ((maj << 28) | (min << 20) | (pat << 12)))

 # define OSSL_LIBRESSL_PREREQ(maj, min, pat) 0

 #else

 # define OSSL_IS_LIBRESSL 1

 # define OSSL_OPENSSL_PREREQ(maj, min, pat) 0

 # define OSSL_LIBRESSL_PREREQ(maj, min, pat) \

-      (LIBRESSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12))

+      (LIBRESSL_VERSION_NUMBER >= ((maj << 28) | (min << 20) | (pat << 12)))

 #endif

 #if !defined(OPENSSL_NO_ENGINE) && !OSSL_OPENSSL_PREREQ(3, 0, 0)

diff --git a/ext/openssl/ossl_asn1.c b/ext/openssl/ossl_asn1.c

index a61d3ee..0d3fa9a 100644

--- a/ext/openssl/ossl_asn1.c

+++ b/ext/openssl/ossl_asn1.c

@@ -1522,7 +1522,7 @@ Init_ossl_asn1(void)

      *

      * An Array that stores the name of a given tag number. These names are

      * the same as the name of the tag constant that is additionally defined,

-     * e.g. +UNIVERSAL_TAG_NAME[2] = "INTEGER"+ and +OpenSSL::ASN1::INTEGER = 2+.

+     * e.g. <tt>UNIVERSAL_TAG_NAME[2] = "INTEGER"</tt> and <tt>OpenSSL::ASN1::INTEGER = 2</tt>.

      *

      * == Example usage

      *

diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c

index 2a4835a..24d0da4 100644

--- a/ext/openssl/ossl_pkey.c

+++ b/ext/openssl/ossl_pkey.c

@@ -670,7 +670,7 @@ ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self, int to_der)

 	}

     }

     else {

-#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)

+#if OSSL_OPENSSL_PREREQ(1, 1, 0) || OSSL_LIBRESSL_PREREQ(3, 5, 0)

 	if (!PEM_write_bio_PrivateKey_traditional(bio, pkey, enc, NULL, 0,

 						  ossl_pem_passwd_cb,

 						  (void *)pass)) {

diff --git a/ext/openssl/ossl_ssl.c b/ext/openssl/ossl_ssl.c

index 9a0682a..af262d9 100644

--- a/ext/openssl/ossl_ssl.c

+++ b/ext/openssl/ossl_ssl.c

@@ -959,27 +959,13 @@ ossl_sslctx_get_ciphers(VALUE self)

     return ary;

 }

-/*

- * call-seq:

- *    ctx.ciphers = "cipher1:cipher2:..."

- *    ctx.ciphers = [name, ...]

- *    ctx.ciphers = [[name, version, bits, alg_bits], ...]

- *

- * Sets the list of available cipher suites for this context.  Note in a server

- * context some ciphers require the appropriate certificates.  For example, an

- * RSA cipher suite can only be chosen when an RSA certificate is available.

- */

 static VALUE

-ossl_sslctx_set_ciphers(VALUE self, VALUE v)

+build_cipher_string(VALUE v)

 {

-    SSL_CTX *ctx;

     VALUE str, elem;

     int i;

-    rb_check_frozen(self);

-    if (NIL_P(v))

-	return v;

-    else if (RB_TYPE_P(v, T_ARRAY)) {

+    if (RB_TYPE_P(v, T_ARRAY)) {

         str = rb_str_new(0, 0);

         for (i = 0; i < RARRAY_LEN(v); i++) {

             elem = rb_ary_entry(v, i);

@@ -993,14 +979,67 @@ ossl_sslctx_set_ciphers(VALUE self, VALUE v)

         StringValue(str);

     }

+    return str;

+}

+

+/*

+ * call-seq:

+ *    ctx.ciphers = "cipher1:cipher2:..."

+ *    ctx.ciphers = [name, ...]

+ *    ctx.ciphers = [[name, version, bits, alg_bits], ...]

+ *

+ * Sets the list of available cipher suites for this context.  Note in a server

+ * context some ciphers require the appropriate certificates.  For example, an

+ * RSA cipher suite can only be chosen when an RSA certificate is available.

+ */

+static VALUE

+ossl_sslctx_set_ciphers(VALUE self, VALUE v)

+{

+    SSL_CTX *ctx;

+    VALUE str;

+

+    rb_check_frozen(self);

+    if (NIL_P(v))

+        return v;

+

+    str = build_cipher_string(v);

+

     GetSSLCTX(self, ctx);

-    if (!SSL_CTX_set_cipher_list(ctx, StringValueCStr(str))) {

+    if (!SSL_CTX_set_cipher_list(ctx, StringValueCStr(str)))

         ossl_raise(eSSLError, "SSL_CTX_set_cipher_list");

-    }

     return v;

 }

+#ifdef HAVE_SSL_CTX_SET_CIPHERSUITES

+/*

+ * call-seq:

+ *    ctx.ciphersuites = "cipher1:cipher2:..."

+ *    ctx.ciphersuites = [name, ...]

+ *    ctx.ciphersuites = [[name, version, bits, alg_bits], ...]

+ *

+ * Sets the list of available TLSv1.3 cipher suites for this context.

+ */

+static VALUE

+ossl_sslctx_set_ciphersuites(VALUE self, VALUE v)

+{

+    SSL_CTX *ctx;

+    VALUE str;

+

+    rb_check_frozen(self);

+    if (NIL_P(v))

+        return v;

+

+    str = build_cipher_string(v);

+

+    GetSSLCTX(self, ctx);

+    if (!SSL_CTX_set_ciphersuites(ctx, StringValueCStr(str)))

+        ossl_raise(eSSLError, "SSL_CTX_set_ciphersuites");

+

+    return v;

+}

+#endif

+

 #ifndef OPENSSL_NO_DH

 /*

  * call-seq:

@@ -2703,6 +2742,9 @@ Init_ossl_ssl(void)

 			     ossl_sslctx_set_minmax_proto_version, 2);

     rb_define_method(cSSLContext, "ciphers",     ossl_sslctx_get_ciphers, 0);

     rb_define_method(cSSLContext, "ciphers=",    ossl_sslctx_set_ciphers, 1);

+#ifdef HAVE_SSL_CTX_SET_CIPHERSUITES

+    rb_define_method(cSSLContext, "ciphersuites=", ossl_sslctx_set_ciphersuites, 1);

+#endif

 #ifndef OPENSSL_NO_DH

     rb_define_method(cSSLContext, "tmp_dh=", ossl_sslctx_set_tmp_dh, 1);

 #endif

diff --git a/test/openssl/test_asn1.rb b/test/openssl/test_asn1.rb

index 0fd7971..c79bc14 100644

--- a/test/openssl/test_asn1.rb

+++ b/test/openssl/test_asn1.rb

@@ -14,7 +14,7 @@ class  OpenSSL::TestASN1 < OpenSSL::TestCase

       ["keyUsage","keyCertSign, cRLSign",true],

       ["subjectKeyIdentifier","hash",false],

     ]

-    dgst = OpenSSL::Digest.new('SHA1')

+    dgst = OpenSSL::Digest.new('SHA256')

     cert = OpenSSL::TestUtils.issue_cert(

       subj, key, s, exts, nil, nil, digest: dgst, not_before: now, not_after: now+3600)

@@ -42,7 +42,7 @@ class  OpenSSL::TestASN1 < OpenSSL::TestCase

     assert_equal(OpenSSL::ASN1::Sequence, sig.class)

     assert_equal(2, sig.value.size)

     assert_equal(OpenSSL::ASN1::ObjectId, sig.value[0].class)

-    assert_equal("1.2.840.113549.1.1.5", sig.value[0].oid)

+    assert_equal("1.2.840.113549.1.1.11", sig.value[0].oid)

     assert_equal(OpenSSL::ASN1::Null, sig.value[1].class)

     dn = tbs_cert.value[3] # issuer

@@ -189,7 +189,7 @@ class  OpenSSL::TestASN1 < OpenSSL::TestCase

     assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)

     assert_equal(OpenSSL::ASN1::BitString, sig_val.class)

-    cululated_sig = key.sign(OpenSSL::Digest.new('SHA1'), tbs_cert.to_der)

+    cululated_sig = key.sign(OpenSSL::Digest.new('SHA256'), tbs_cert.to_der)

     assert_equal(cululated_sig, sig_val.value)

   end

diff --git a/test/openssl/test_ns_spki.rb b/test/openssl/test_ns_spki.rb

index ed3be86..383931b 100644

--- a/test/openssl/test_ns_spki.rb

+++ b/test/openssl/test_ns_spki.rb

@@ -22,7 +22,7 @@ class OpenSSL::TestNSSPI < OpenSSL::TestCase

     spki = OpenSSL::Netscape::SPKI.new

     spki.challenge = "RandomString"

     spki.public_key = key1.public_key

-    spki.sign(key1, OpenSSL::Digest.new('SHA1'))

+    spki.sign(key1, OpenSSL::Digest.new('SHA256'))

     assert(spki.verify(spki.public_key))

     assert(spki.verify(key1.public_key))

     assert(!spki.verify(key2.public_key))

diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb

index 726b7db..08213df 100644

--- a/test/openssl/test_pkey_dsa.rb

+++ b/test/openssl/test_pkey_dsa.rb

@@ -36,8 +36,8 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PKeyTestCase

       assert_equal true, dsa512.verify(OpenSSL::Digest.new('DSS1'), signature, data)

     end

-    signature = dsa512.sign("SHA1", data)

-    assert_equal true, dsa512.verify("SHA1", signature, data)

+    signature = dsa512.sign("SHA256", data)

+    assert_equal true, dsa512.verify("SHA256", signature, data)

     signature0 = (<<~'end;').unpack("m")[0]

       MCwCFH5h40plgU5Fh0Z4wvEEpz0eE9SnAhRPbkRB8ggsN/vsSEYMXvJwjGg/

diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb

index ffe5a94..c06fe6f 100644

--- a/test/openssl/test_pkey_ec.rb

+++ b/test/openssl/test_pkey_ec.rb

@@ -98,8 +98,8 @@ class OpenSSL::TestEC < OpenSSL::PKeyTestCase

   def test_sign_verify

     p256 = Fixtures.pkey("p256")

     data = "Sign me!"

-    signature = p256.sign("SHA1", data)

-    assert_equal true, p256.verify("SHA1", signature, data)

+    signature = p256.sign("SHA256", data)

+    assert_equal true, p256.verify("SHA256", signature, data)

     signature0 = (<<~'end;').unpack("m")[0]

       MEQCIEOTY/hD7eI8a0qlzxkIt8LLZ8uwiaSfVbjX2dPAvN11AiAQdCYx56Fq

diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb

index 4bb39ed..9e06e43 100644

--- a/test/openssl/test_pkey_rsa.rb

+++ b/test/openssl/test_pkey_rsa.rb

@@ -80,8 +80,8 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase

   def test_sign_verify

     rsa1024 = Fixtures.pkey("rsa1024")

     data = "Sign me!"

-    signature = rsa1024.sign("SHA1", data)

-    assert_equal true, rsa1024.verify("SHA1", signature, data)

+    signature = rsa1024.sign("SHA256", data)

+    assert_equal true, rsa1024.verify("SHA256", signature, data)

     signature0 = (<<~'end;').unpack("m")[0]

       oLCgbprPvfhM4pjFQiDTFeWI9Sk+Og7Nh9TmIZ/xSxf2CGXQrptlwo7NQ28+

@@ -113,10 +113,10 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase

   def test_sign_verify_raw

     key = Fixtures.pkey("rsa-1")

     data = "Sign me!"

-    hash = OpenSSL::Digest.digest("SHA1", data)

-    signature = key.sign_raw("SHA1", hash)

-    assert_equal true, key.verify_raw("SHA1", signature, hash)

-    assert_equal true, key.verify("SHA1", signature, data)

+    hash = OpenSSL::Digest.digest("SHA256", data)

+    signature = key.sign_raw("SHA256", hash)

+    assert_equal true, key.verify_raw("SHA256", signature, hash)

+    assert_equal true, key.verify("SHA256", signature, data)

     # Too long data

     assert_raise(OpenSSL::PKey::PKeyError) {

@@ -129,9 +129,9 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase

       "rsa_pss_saltlen" => 20,

       "rsa_mgf1_md" => "SHA256"

     }

-    sig_pss = key.sign_raw("SHA1", hash, pssopts)

-    assert_equal true, key.verify("SHA1", sig_pss, data, pssopts)

-    assert_equal true, key.verify_raw("SHA1", sig_pss, hash, pssopts)

+    sig_pss = key.sign_raw("SHA256", hash, pssopts)

+    assert_equal true, key.verify("SHA256", sig_pss, data, pssopts)

+    assert_equal true, key.verify_raw("SHA256", sig_pss, hash, pssopts)

   end

   def test_sign_verify_raw_legacy

diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb

index a7607da..3ba8b39 100644

--- a/test/openssl/test_ssl.rb

+++ b/test/openssl/test_ssl.rb

@@ -676,10 +676,16 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase

     #     buzz.example.net, respectively).  ...

     assert_equal(true, OpenSSL::SSL.verify_certificate_identity(

       create_cert_with_san('DNS:baz*.example.com'), 'baz1.example.com'))

+

+    # LibreSSL 3.5.0+ doesn't support other wildcard certificates

+    # (it isn't required to, as RFC states MAY, not MUST)

+    return if libressl?(3, 5, 0)

+

     assert_equal(true, OpenSSL::SSL.verify_certificate_identity(

       create_cert_with_san('DNS:*baz.example.com'), 'foobaz.example.com'))

     assert_equal(true, OpenSSL::SSL.verify_certificate_identity(

       create_cert_with_san('DNS:b*z.example.com'), 'buzz.example.com'))

+

     # Section 6.4.3 of RFC6125 states that client should NOT match identifier

     # where wildcard is other than left-most label.

     #

@@ -1563,6 +1569,99 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase

     end

   end

+  def test_ciphersuites_method_tls_connection

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+    if !tls13_supported? || !ssl_ctx.respond_to?(:ciphersuites=)

+      pend 'TLS 1.3 not supported'

+    end

+

+    csuite = ['TLS_AES_128_GCM_SHA256', 'TLSv1.3', 128, 128]

+    inputs = [csuite[0], [csuite[0]], [csuite]]

+

+    start_server do |port|

+      inputs.each do |input|

+        cli_ctx = OpenSSL::SSL::SSLContext.new

+        cli_ctx.min_version = cli_ctx.max_version = OpenSSL::SSL::TLS1_3_VERSION

+        cli_ctx.ciphersuites = input

+

+        server_connect(port, cli_ctx) do |ssl|

+          assert_equal('TLSv1.3', ssl.ssl_version)

+          if libressl?(3, 4, 0) && !libressl?(3, 5, 0)

+            assert_equal("AEAD-AES128-GCM-SHA256", ssl.cipher[0]) 

+          else

+            assert_equal(csuite[0], ssl.cipher[0]) 

+          end

+          ssl.puts('abc'); assert_equal("abc\n", ssl.gets)

+        end

+      end

+    end

+  end

+

+  def test_ciphersuites_method_nil_argument

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+    pend 'ciphersuites= method is missing' unless ssl_ctx.respond_to?(:ciphersuites=)

+

+    assert_nothing_raised { ssl_ctx.ciphersuites = nil }

+  end

+

+  def test_ciphersuites_method_frozen_object

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+    pend 'ciphersuites= method is missing' unless ssl_ctx.respond_to?(:ciphersuites=)

+

+    ssl_ctx.freeze

+    assert_raise(FrozenError) { ssl_ctx.ciphersuites = 'TLS_AES_256_GCM_SHA384' }

+  end

+

+  def test_ciphersuites_method_bogus_csuite

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+    pend 'ciphersuites= method is missing' unless ssl_ctx.respond_to?(:ciphersuites=)

+

+    assert_raise_with_message(

+      OpenSSL::SSL::SSLError,

+      /SSL_CTX_set_ciphersuites: no cipher match/i

+    ) { ssl_ctx.ciphersuites = 'BOGUS' }

+  end

+

+  def test_ciphers_method_tls_connection

+    csuite = ['ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1.2', 256, 256]

+    inputs = [csuite[0], [csuite[0]], [csuite]]

+

+    start_server do |port|

+      inputs.each do |input|

+        cli_ctx = OpenSSL::SSL::SSLContext.new

+        cli_ctx.min_version = cli_ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION

+        cli_ctx.ciphers = input

+

+        server_connect(port, cli_ctx) do |ssl|

+          assert_equal('TLSv1.2', ssl.ssl_version)

+          assert_equal(csuite[0], ssl.cipher[0])

+          ssl.puts('abc'); assert_equal("abc\n", ssl.gets)

+        end

+      end

+    end

+  end

+

+  def test_ciphers_method_nil_argument

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+    assert_nothing_raised { ssl_ctx.ciphers = nil }

+  end

+

+  def test_ciphers_method_frozen_object

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+

+    ssl_ctx.freeze

+    assert_raise(FrozenError) { ssl_ctx.ciphers = 'ECDHE-RSA-AES128-SHA' }

+  end

+

+  def test_ciphers_method_bogus_csuite

+    ssl_ctx = OpenSSL::SSL::SSLContext.new

+

+    assert_raise_with_message(

+      OpenSSL::SSL::SSLError,

+      /SSL_CTX_set_cipher_list: no cipher match/i

+    ) { ssl_ctx.ciphers = 'BOGUS' }

+  end

+

   def test_connect_works_when_setting_dh_callback_to_nil

     ctx_proc = -> ctx {

       ctx.max_version = :TLS1_2

diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb

index d696b98..4e2bd0c 100644

--- a/test/openssl/test_x509cert.rb

+++ b/test/openssl/test_x509cert.rb

@@ -180,6 +180,7 @@ class OpenSSL::TestX509Certificate < OpenSSL::TestCase

     assert_equal(false, certificate_error_returns_false { cert.verify(@dsa512) })

     cert.serial = 2

     assert_equal(false, cert.verify(@rsa2048))

+  rescue OpenSSL::X509::CertificateError # RHEL 9 disables SHA1

   end

   def test_sign_and_verify_rsa_md5

@@ -226,9 +227,8 @@ class OpenSSL::TestX509Certificate < OpenSSL::TestCase

     assert_equal("dsa_with_SHA256", cert.signature_algorithm)

     # TODO: need more tests for dsa + sha2

-    # SHA1 is allowed from OpenSSL 1.0.0 (0.9.8 requires DSS1)

-    cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha1")

-    assert_equal("dsaWithSHA1", cert.signature_algorithm)

+    cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha512")

+    assert_equal("dsa_with_SHA512", cert.signature_algorithm)

   end

   def test_check_private_key

diff --git a/test/openssl/test_x509crl.rb b/test/openssl/test_x509crl.rb

index bcdb0a6..146ee07 100644

--- a/test/openssl/test_x509crl.rb

+++ b/test/openssl/test_x509crl.rb

@@ -20,7 +20,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)

     crl = issue_crl([], 1, now, now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_equal(1, crl.version)

     assert_equal(cert.issuer.to_der, crl.issuer.to_der)

     assert_equal(now, crl.last_update)

@@ -57,7 +57,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     ]

     cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)

     crl = issue_crl(revoke_info, 1, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     revoked = crl.revoked

     assert_equal(5, revoked.size)

     assert_equal(1, revoked[0].serial)

@@ -98,7 +98,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     revoke_info = (1..1000).collect{|i| [i, now, 0] }

     crl = issue_crl(revoke_info, 1, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     revoked = crl.revoked

     assert_equal(1000, revoked.size)

     assert_equal(1, revoked[0].serial)

@@ -124,7 +124,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     cert = issue_cert(@ca, @rsa2048, 1, cert_exts, nil, nil)

     crl = issue_crl([], 1, Time.now, Time.now+1600, crl_exts,

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     exts = crl.extensions

     assert_equal(3, exts.size)

     assert_equal("1", exts[0].value)

@@ -160,24 +160,24 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     assert_equal(false, exts[2].critical?)

     no_ext_crl = issue_crl([], 1, Time.now, Time.now+1600, [],

-      cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+      cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_equal nil, no_ext_crl.authority_key_identifier

   end

   def test_crlnumber

     cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)

     crl = issue_crl([], 1, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_match(1.to_s, crl.extensions[0].value)

     assert_match(/X509v3 CRL Number:\s+#{1}/m, crl.to_text)

     crl = issue_crl([], 2**32, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_match((2**32).to_s, crl.extensions[0].value)

     assert_match(/X509v3 CRL Number:\s+#{2**32}/m, crl.to_text)

     crl = issue_crl([], 2**100, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_match(/X509v3 CRL Number:\s+#{2**100}/m, crl.to_text)

     assert_match((2**100).to_s, crl.extensions[0].value)

   end

@@ -185,7 +185,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

   def test_sign_and_verify

     cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)

     crl = issue_crl([], 1, Time.now, Time.now+1600, [],

-                    cert, @rsa2048, OpenSSL::Digest.new('SHA1'))

+                    cert, @rsa2048, OpenSSL::Digest.new('SHA256'))

     assert_equal(false, crl.verify(@rsa1024))

     assert_equal(true,  crl.verify(@rsa2048))

     assert_equal(false, crl_error_returns_false { crl.verify(@dsa256) })

@@ -195,7 +195,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase

     cert = issue_cert(@ca, @dsa512, 1, [], nil, nil)

     crl = issue_crl([], 1, Time.now, Time.now+1600, [],

-                    cert, @dsa512, OpenSSL::Digest.new('SHA1'))

+                    cert, @dsa512, OpenSSL::Digest.new('SHA256'))

     assert_equal(false, crl_error_returns_false { crl.verify(@rsa1024) })

     assert_equal(false, crl_error_returns_false { crl.verify(@rsa2048) })

     assert_equal(false, crl.verify(@dsa256))

diff --git a/test/openssl/test_x509req.rb b/test/openssl/test_x509req.rb

index ee9c678..a84b162 100644

--- a/test/openssl/test_x509req.rb

+++ b/test/openssl/test_x509req.rb

@@ -23,31 +23,31 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase

   end

   def test_public_key

-    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(@rsa1024.public_key.to_der, req.public_key.to_der)

     req = OpenSSL::X509::Request.new(req.to_der)

     assert_equal(@rsa1024.public_key.to_der, req.public_key.to_der)

-    req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA256'))

     assert_equal(@dsa512.public_key.to_der, req.public_key.to_der)

     req = OpenSSL::X509::Request.new(req.to_der)

     assert_equal(@dsa512.public_key.to_der, req.public_key.to_der)

   end

   def test_version

-    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(0, req.version)

     req = OpenSSL::X509::Request.new(req.to_der)

     assert_equal(0, req.version)

-    req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(1, req.version)

     req = OpenSSL::X509::Request.new(req.to_der)

     assert_equal(1, req.version)

   end

   def test_subject

-    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(@dn.to_der, req.subject.to_der)

     req = OpenSSL::X509::Request.new(req.to_der)

     assert_equal(@dn.to_der, req.subject.to_der)

@@ -78,9 +78,9 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase

       OpenSSL::X509::Attribute.new("msExtReq", attrval),

     ]

-    req0 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req0 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     attrs.each{|attr| req0.add_attribute(attr) }

-    req1 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req1 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     req1.attributes = attrs

     assert_equal(req0.to_der, req1.to_der)

@@ -101,7 +101,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase

   end

   def test_sign_and_verify_rsa_sha1

-    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(true,  req.verify(@rsa1024))

     assert_equal(false, req.verify(@rsa2048))

     assert_equal(false, request_error_returns_false { req.verify(@dsa256) })

@@ -122,7 +122,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase

   end

   def test_sign_and_verify_dsa

-    req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA256'))

     assert_equal(false, request_error_returns_false { req.verify(@rsa1024) })

     assert_equal(false, request_error_returns_false { req.verify(@rsa2048) })

     assert_equal(false, req.verify(@dsa256))

@@ -137,13 +137,13 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase

   end

   def test_dup

-    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))

+    req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA256'))

     assert_equal(req.to_der, req.dup.to_der)

   end

   def test_eq

-    req1 = issue_csr(0, @dn, @rsa1024, "sha1")

-    req2 = issue_csr(0, @dn, @rsa1024, "sha1")

+    req1 = issue_csr(0, @dn, @rsa1024, "sha512")

+    req2 = issue_csr(0, @dn, @rsa1024, "sha512")

     req3 = issue_csr(0, @dn, @rsa1024, "sha256")

     assert_equal false, req1 == 12345