MVP
Posts: 112
Registered: 01-05-2016

Is SHA1 used in aruba controller self-signed cert? How about SHA2 cert?

Hi, is SHA1 used in the current Aruba controller self-signed cert? As web browsers will use SHA2 in the coming future, will there be a compatibility issue in the future? Please advise, thanks.

Guru Elite
Posts: 8,637
Registered: 09-08-2010

Re: Is SHA1 used in aruba controller self-signed cert? How about SHA2 cert?

As a best practice, you should not use the built-in cert in production.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Moderator
Posts: 245
Registered: 09-12-2007

Re: Is SHA1 used in aruba controller self-signed cert? How about SHA2 cert?

There is not currently a self-signed cert within the controllers - the cert that ships by default comes from a CA.  And yes, it uses SHA-1.  If you're actually using that cert in a production network, SHA-1 is the least of your worries.  You should not use the default certificate - ever.

 

In future versions of ArubaOS, the controller will generate a self-signed cert.  This cert will be signed using SHA-2.  On the other hand - the signature is meaningless (it is self-signed) so I don't think it particularly matters what we use.  You'll need to either a) replace that cert with something from a CA (the preferred approach) or b) save and pin the public key.

---
Jon Green, ACMX, CISSP
Security Guy
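
An added example, not part of the thread and not Aruba code: a small DER walker that reports a certificate's signature algorithm and computes a public-key pin, showing that the pin is the same whether the certificate is signed with SHA-1 or SHA-2. Assumptions: the pin is taken as the base64 SHA-256 of the SubjectPublicKeyInfo (one common form), only two RSA signature OIDs are recognised, and the sample certificates are constructed, certificate-shaped structures with a dummy key and signature.

```python
import base64, hashlib

SIG_OIDS = {"2a864886f70d010105": "sha1WithRSAEncryption",      # DER OID bytes, hex
            "2a864886f70d01010b": "sha256WithRSAEncryption"}

def read_tlv(buf, pos):
    """Parse the DER element at pos: (tag, header_start, value_start, value_end)."""
    tag, length, val = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                                  # long-form length
        n = length & 0x7F
        length, val = int.from_bytes(buf[val:val + n], "big"), val + n
    if val + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, val, val + length

def children(buf, start, end):
    """Parse every element between two offsets."""
    out = []
    while start < end:
        out.append(read_tlv(buf, start))
        start = out[-1][3]
    return out

def inspect_cert(der):
    """Return (signature algorithm name, pin); the pin hashes the whole SPKI element only."""
    cert = read_tlv(der, 0)
    tbs, sig_alg = children(der, cert[2], cert[3])[:2]
    fields = children(der, tbs[2], tbs[3])
    if fields[0][0] == 0xA0:                           # skip the optional [0] version
        fields = fields[1:]
    spki = fields[5]          # after serial, sigAlg, issuer, validity, subject
    oid = children(der, sig_alg[2], sig_alg[3])[0]
    name = SIG_OIDS.get(der[oid[2]:oid[3]].hex(), "other")
    return name, base64.b64encode(hashlib.sha256(der[spki[1]:spki[3]]).digest()).decode()

def tlv(tag, body):
    """Minimal DER encoder, used only to build the constructed samples."""
    n = len(body)
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag]) + (bytes([n]) if n < 128 else bytes([0x80 | len(size)]) + size) + body

def sample_cert(sig_oid_hex, key=b"\x11" * 64):
    """Constructed certificate-shaped DER with dummy key and signature (not a valid cert)."""
    alg = tlv(0x30, tlv(0x06, bytes.fromhex(sig_oid_hex)) + tlv(0x05, b""))
    rsa = tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05, b""))
    spki = tlv(0x30, rsa + tlv(0x03, b"\x00" + key))
    empty = tlv(0x30, b"")              # stand-in for issuer, validity, subject
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01") + alg + 3 * empty + spki)
    return tlv(0x30, tbs + alg + tlv(0x03, b"\x00" + b"\x22" * 64))
```

For a real certificate, pass its DER bytes (for example from `ssl.PEM_cert_to_DER_cert`) to `inspect_cert` and compare the returned pin with the value saved when the key was first trusted.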