In fact that`s a good question. Take a look:
I configured R1 to be the CA server with SHA256 crypto pki server CA grant auto hash sha256 lifetime certificate 1 database url flash: Even though I specified it as sha256, when I do "show crypto pki certificates" I get both outputs but nothing about sha256 on the fingerprint Signature Algorithm: SHA256 with RSA Encryption Fingerprint MD5: 8C5334D3 44F444F9 ECE0B9A0 DCA22F16 Fingerprint SHA1: 953AA86A 17624DF8 0B67C560 6DFDB426 DF9D3DC7 I found this article: http://www.mail-archive.com/[email protected]/msg06368.html It seems you`ll always have both whenever you configure other type of hashing algorithms Hope it helps On Wed, Jan 5, 2011 at 8:20 AM, kamran shakil <[email protected]>wrote: > Dears, > I saw it many times while i doing labs whenever i enroll and authenticate > the cert from CA , i get 2 messages. > > fingerprint MD5 > > fingerprint SHA > > Why TWO / BOTH of them are generated with keys ? > > I dont think i mentioned it in CA Config ? > > > I didnt see any comment or clue on it in any of the worbooks i have nor on > any forums . Well, please let us all know if someone has clue on it . > Waiting > > regards, > Kamran ~ > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > -- Bruno Fagioli (by Jaunty Jackalope) Cisco Security Professional
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
