Generating SHA-2 certificate with ikeyman

Trying to move from SHA-1 SSL to SHA-2 SSL since SHA-1 certificates expiring as of Jan 2016. I am using ikeyman version 8.0.344 to generate a new SHA-2 cert. Couple of questions I have

  1. I am generating kdb, and under Create new Key and cert request I have selected:

    key Size: 2048,

    Sig. Algorithm: SHA2WithRSA

    Are these 2 values correct selections?

2.After created the cert. request, I viewed what I generated and seeing

Fingerprint (SHA1 Digest):

num:num:num...

Signature Algorithm: SHA256withRSA

Does it matter if FingerPrint is SHA1?

Thanks

Answers


Theoretically, the certificate can be forged. But, I am still researching so don't know if there is a known 'fix' or is this a non-issue for SSL security.

This question and ensuing discussion may shed some light - Is SHA-1 secure for password storage?


Need Your Help

How to sort HashSet() function data in sequence?

java sorting hashset

I am new to Java, the function I would like to perform is to load a series of data from a file, into my hashSet() function.

Call static method on parametrized class in Java

java class static member

I have a list of classes that extend the same superclass, which has a static field called foo: