Yes, openssl 098g supports SHA256. I built Freeradius 1.1.7 with openssl 098g, and we have been using EAP-TLS with SHA256 signed certs for quite sometimes.
Thanks On Tue, Mar 9, 2010 at 11:28 AM, Hasan Rezaul-CHR010 <chr...@motorola.com>wrote: > Hi All, > > I am somewhat of a newbie to openssl, so apologize in advance for my > ignorance :-) > > I have openssl version 0.9.8g on my custom Linux 2.6.27 distro. > > I need to make sure that SHA-2 (specifically SHA-256 algorithm) is > supported with this version of openssl. > The sha-256 algorithm will be used during IPSec link establishment, > Certificates Verification, and for general TLS/SSL Cipher suites. > > From the quick online reading, I am getting mixed messages of whether > sha-2 algorithms (specifically sha-256) is truly supported or not ?!? > Supposedly things might still be hard-coded to sha-1 even when sha-2 > algorithms are 'supported' ?... > > 1. Would you kindly clarify if openssl version 0.9.8g does infact meet > my needs ? That is, does it in fact support sha-256 to be used in IPSec, > Certificate verification, and general TLS/SSL. > > 2. If 0.9.8g is not adequate, what version of openssl does infact > support my needs described above ? > > Thanks soo much in advance. > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- Rafiqul Ahsan
