04-07-2016 07:22 PM
Hi, is SHA1 used in current Aruba controller self-signed cert? As web browsers will use SHA2 on coming future, will be a compatible issue in the future? Please advise ,thanks
Solved! Go to Solution.
04-07-2016 07:25 PM
04-07-2016 07:30 PM
There is not currently a self-signed cert within the controllers - the cert that ships by default comes from a CA. And yes, it uses SHA-1. If you're actually using that cert in a production network, SHA-1 is the least of your worries. You should not use the default certificate - ever.
In future versions of ArubaOS, the controller will generate a self-signed cert. This cert will be signed using SHA-2. On the other hand - the signature is meaningless (it is self-signed) so I don't think it particularly matters what we use. You'll either need to a) replace that cert with something from a CA (the preferred approach) or save and pin the public key.
Jon Green, ACMX, CISSP