[BlueOnyx:16524] Re: SHA-2 CSR
Michael Stauber
mstauber at blueonyx.it
Fri Nov 21 22:48:54 -05 2014
Hi Matt,
> I'm about to issue a few CSRs from our servers that need to be SHA-2
> compatible (assuming that's the right language to describe it). Is
> there anything special that I need to do? I have both 5107R and
> 5106R servers that this would be executed on.
Make sure you're fully YUM updated. Then go into the directory
/home/sites/www.site.com/certs and move everything in there to a safe
place. Or rename the whole "certs" directory of that Vsite to
"certs.bak" and then make sure the new "certs" directory is empty.
Then create the signing request. If no key or old certificate is present
in the directory, then the new cert will no longer use SHA-1 but the
stronger SHA256 hashing algorithm.
This was added to all BlueOnyx versions about two months ago.
Example for 5106R:
http://devel.blueonyx.it/trac/changeset/1661/BlueOnyx/ui/base-ssl.mod
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list