This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

browser end of SHA1 support

browser end of SHA1 support

Ronald_Dvorak
Honored Contributor

‎12-20-2016 07:29 PM

As far as I've read a lot of browser will end the support for SHA1 certifcates next year.

Is there a official document / warning which products are affected and how to generate SHA2 certificates.

I.e. how could I change the factory installed self signed certificate on ExtremeWireless.
I know I'd generate a cert signing request and generate one from my CA but what about small installations without a CA - how could I generate a new self signed cert on the controller with SHA2.

-Ron
0 Kudos
3 REPLIES 3

M_Nees
Contributor III

‎01-18-2017 05:17 PM

Hi,

these days i have a customer who wants to know if he can change SHA1 / AES Encryption for SNMPV3 into SHA2 / AES 128 ?!

Is supporting SHA2 snmp encrpytion a current topic on Extreme stuff (wireless controller or EOS or EXOS switches). Is this expected in the near future ?

Regards
0 Kudos

M_Nees
Contributor III
In response to M_Nees

‎01-18-2017 05:17 PM

There is also a RFC which specify the demand:
https://tools.ietf.org/html/rfc7630

0 Kudos

Ryan_Yacobucci
Extreme Employee

‎12-20-2016 07:37 PM

Hey Ronald,

I know that this has been fixed in the 7.x version of code for NAC. New deployments on 7.0 will have SHA256 certificates for captive portal, RADIUS, and Internal Communications. Not sure, if this has been fixed for wireless but NAC should be unaffected by SHA1 deprecation.

If you installed NAC when it was issuing SHA1 certificates they can be easily regenerated.

Thanks
-Ryan

0 Kudos
GTM-P2G8KFN