Generating SHA-2 certificate with ikeyman

Question

Trying to move from SHA-1 SSL to SHA-2 SSL since SHA-1 certificates expiring as of Jan 2016. I am using ikeyman version 8.0.344 to generate a new SHA-2 cert. Couple of questions I have

I am generating kdb, and under Create new Key and cert request I have selected:

key Size: 2048,

Sig. Algorithm: SHA2WithRSA

Are these 2 values correct selections?

2.After created the cert. request, I viewed what I generated and seeing

Fingerprint (SHA1 Digest):

num:num:num...

Signature Algorithm: SHA256withRSA

Does it matter if FingerPrint is SHA1?

Thanks

score 0 · Answer 1 · edited May 23 '17 at 11:59

0

Theoretically, the certificate can be forged. But, I am still researching so don't know if there is a known 'fix' or is this a non-issue for SSL security.

This question and ensuing discussion may shed some light - Is SHA-1 secure for password storage?

edited May 23 '17 at 11:59

Community

1
1

answered Dec 01 '15 at 18:42

Salman Siddiqui

340
3
13

Generating SHA-2 certificate with ikeyman

1 Answers1