Re: Enabling SHA1 for client certificates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 23 Oct 2019, at 03:49, Wouter Verhelst <Wouter.Verhelst@xxxxxxxxx> wrote:
> I know that SHA1 is insecure these days, but I have no control over the algorithms used in this particular CA, and I need to be able to use it.

This is a case of pushing back to get the incompetent CA to update. Even if you manage to get Apache to do this, the browsers will balk at it.

> Anyone have any idea if it's possible to relax the requirements for client CAs somehow?

I don’t think so, it’s been deprecated for several years and breakable for several more.

Chrome dropped support in 2016, possibly early 2017 (Chrome 54 comes to mind)?

Safari dropped any support for SHA1 this year.


-- 
99 percent of lawyers give the rest a bad name.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux