Forum Discussion

Kai_M__48813's avatar
Feb 21, 2017

sha1 or sha256 default when creating csr

im going to use the webui to generate a san csr, but there is no indication on whether sha1 or sha256 will be used. the version im generating on is 12.1.1. is there a quick way to verify this, either in webui or through cli?

 

  • SHA-256 should be selected in the later versions such as yours. This will be represented by 2048 bits in the key section (near bottom when generating CSR.) After that your PKI authority should handle the rest.

     

  • SHA-256 should be selected in the later versions such as yours. This will be represented by 2048 bits in the key section (near bottom when generating CSR.) After that your PKI authority should handle the rest.

     

    • Kai_M__48813's avatar
      Kai_M__48813
      Icon for Cirrus rankCirrus

      thanks!

       

      i was also able to veriy this by running openssl req -noout - text in /config/test.csr | grep -i signature

       

    • Nicholas_P__308's avatar
      Nicholas_P__308
      Icon for Cirrus rankCirrus

      Kai, thank you the the string to confirm! Always best to verify as much as possible!