AnsweredAssumed Answered

SHA256withRSA still reported as weak SHA1withRSA

Question asked by Ondrej Jombik on Sep 24, 2014
Latest reply on Sep 29, 2014 by smaug

Recently we upgraded signature of several our SSL certs from weak SHA1withRSA to SHA256withRSA

 

$ openssl req -text -noout -verify -in xyz.csr | grep Signature

    Signature Algorithm: sha256WithRSAEncryption

 

However site still reports:

Signature algorithm                 SHA1withRSA   WEAK

 

But it is definitelly loading correct certificate, because for example Valid until has changed correctly.

 

Is this know bug on the site, or problem within our SSL certificate supplier, or we did something wrong?

 

We used this command for KEY/CSR generation:

 

openssl req -new -sha256 -newkey rsa:4096 -nodes -keyout xyz.key -out xyz.csr


Thanks!

Outcomes