sha1 certificate.

Latest response

Hello,

By default when we installed satellite 6, it came up with sha1 certificate. I know many of the browsers announced stopping their support for sites that has sha1 certificate. (Refer http://www.infoworld.com/article/3064654/security/tick-tock-time-is-running-out-to-move-from-sha-1-to-sha-2.html).

I really don't want to add extra complexity of installing internal self-signed certificate and maintaining it. How do I recreate and deploy an application signed certificate on the satellite server? Also changing the certificate will affect the content hosts that are already registered?

Thanks
Ramesh

Responses

Hello, this was fixed in Satellite 6.2, Bug 1296301 - Katello-installer and capsule-certs-generate sign certificates with sha1. If you cannot upgrade at this time then please open a support case.

Hello again, on further reading it seems upgrading from 6.1 to 6.2 will not automatically fix this. Please raise a support request as this is not a trivial procedure.

Thanks Stephen, will approach Support.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.