Read full details here: Generating self-signed x509 certificate with 2048-bit key and sign with sha256 hash using OpenSSL
With Google, Microsoft and every major technological giants sunsetting sha-1 due to it’s vulnerability, sha256 is the new standard. It seems to be an issue almost all Infrastructure Administrators are facing right now. Those who are using managed PKI console, it’s very easy and straight forward and the signing authority such a Symantec/Verisign or GoDaddy will take care of the signature hash.
Users
just select if they want to use sha1, sha256 and so on. But for those
who have a test infrastructure where you are using self signed SSL/TLS
certificate, they need to generate and or replace all their existing
certificates with self-signed x509 certificate with 2048-bit key and
sign with sha256 hash using OpenSSL. Generating a 2048-bit public key
x509 certificate with sha256 digest algorithm is not very tough. But
OpenSSL help menu can be confusing. This post would help anyone who had
to walk that path of upgrading sha1 or issuing a new self-signed x509
certificate with 2048-bit key and sign with sha256 hash.
Read the rest of it here: Generating self-signed x509 certificate with 2048-bit key and sign with sha256 hash using OpenSSL
With Google, Microsoft and every major technological giants sunsetting sha-1 due to it’s vulnerability, sha256 is the new standard. It seems to be an issue almost all Infrastructure Administrators are facing right now. Those who are using managed PKI console, it’s very easy and straight forward and the signing authority such a Symantec/Verisign or GoDaddy will take care of the signature hash.
Read the rest of it here: Generating self-signed x509 certificate with 2048-bit key and sign with sha256 hash using OpenSSL
No comments:
Post a Comment