Actions
Bug #7853
closedSigned CSRs always use SHA1, which is weak
Start date:
09/11/2017
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4
Affected Architecture:
All
Description
When signing a CSR in the 2.4 GUI there is no choice to pick a digest algorithm for signing. Thus, when a CSR is signed, it is signed using the openssl default of SHA1.
We need a field to pick the digest and use it appropriately. Also, it would be nice to show the signature digest in the infoblock so it's easy to spot.
To me, I have a fix ready.
See also: https://forum.pfsense.org/index.php?topic=136471.0
Actions