Keith C. Perry on 14 Dec 2015 08:18:59 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Moving from SHA1 to SHA2 for self-signed certificates


I'm going to guess that we are talking about certificates you have been signing for HTTPS use but if not please identify the use case(s).

How did you issue them the first time?  OpenSSL?


~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167
www.daotechnologies.com


From: "Michael Leone" <turgon@mike-leone.com>
To: "PLUG" <plug@lists.phillylinux.org>
Sent: Monday, December 14, 2015 11:04:00 AM
Subject: [PLUG] Moving from SHA1 to SHA2 for self-signed certificates

I have a question. I have set up my own internal CA to issue certs for my organization. It uses SHA1 as it's default md (I set this up a few years back, on an old Ubuntu VM). I know SHA1 is being deprecated, but I figure that since it's only for internal use, it's less of an issue than for external certificates, which might not be recognized when SHA1 support goes away.
So how would I go about upgrading my CA cert to SHA2? I suppose I should also re-issue the SHA1 certs, once that's done.


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug