Effective April 2014, Symantec announced that it will stop issuance of SHA-1 SSL Certificates on January 1, 2016. So we must replace those with new SHA-2 certificates before the 2016 deadline. My company is asking for us to verify if/when SHA-2 is supported in our applications.
Support of certificates should be at the Tomcat or Apache level. I would assume the answer is yes.
Yes but for outgoing connections, JIRA (and java underneath) need to recognize the certificate of the remote side. IF that cert has been updated to SHA2, and assuming it is a private PKI, what is required for JIRA (or java) to trust the remote SHA2 cert?
Though my cacerts file contains the root certificate and the other elements of the chain, the remote SHA2 cert is failing when using SSLPoke.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
IF that cert has been updated to SHA2, and assuming it is a private PKI, what is required for JIRA (or java) to trust the remote SHA2 cert?
Though my cacerts file contains the root certificate and the other elements of the chain, the remote SHA2 cert is failing when using SSLPoke.
Did you re-add the new SHA2 certificate into the JVM? And it really depends on the error message too.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.