Symantec Privileged Access Management

  • Private Community

  • 1.  Request a Certificate from a Third Party with SHA256

    Posted Aug 10, 2018 05:13 PM

    Hello,

    It is possible generate a Request a Certificate from a Third Party with SHA256, by default those Request are generated in SHA512, and the Customer CA no accept this type of algorithm.

     

    Please your comments.

     

    Thank You.

     

    Adolfo.



  • 2.  Re: Request a Certificate from a Third Party with SHA256

    Posted Aug 17, 2018 02:29 PM

    How are you determining the hash is sha512?

    I'm looking at my company's internally signed certs from our CA.  I generated CSR's from CAPAM 2.8 and 3.1.1 and signed certs show sha256.



  • 3.  Re: Request a Certificate from a Third Party with SHA256
    Best Answer

    Posted Aug 17, 2018 03:39 PM

    Hello,

    I opened a support case in the CA Support page, and i received the next answer:

     

    [–] Created By: Diego Lombardia On: 15.08.2018 14:55

    Hello Adolfo, I have checked our knowledge base and found that we do not have the option to choose any other signature algorithm for the CSR file than the default sha512WithRSAEncryption. Please let us know if you have any further doubt. Regards, Diego Lombardia CA Technologies Technical Support
    As well the customer told us that the CSR are signed in SHA512 algorithm.

     

    So, the customer takes the decision of to sign the CSR with another CA, and the case it was solved.
    Thank You.
    Adolfo.