»
Helpota ikkunanpesua: pese enimmät liat ensin pois talouspaperilla. (jatkuu…)
»
Nginx version 1.6.2 is now available in pkgsrc as www/nginx. Addresses an SSL session reuse vulnerability (CVE-2014-3616). Enjoy!

SHA-256 SSL certificates

Written late in the morning in English • Tags: , , ,

The technical details of an SSL certificate are up to the issuing CA, which is understandable. I was still surprised when my SHA-256 CSR resulted in a SHA-1 certificate back in April, when reissuing it due to heartbleed. But I didn’t pursue it at the time.

Now that Google announced sunsetting SHA-1-signed certificates by the end of the year, the issue became more pressing. Fortunately instructions for reissuing GeoTrust-based certificates — such as the RapidSSLonline ones — were already available. (more…)