Well, now you've made me go and try it. I couldn't get OpenSSL to use
RSAwithMD2, but it works fine with MD5:
openssl req -x509 -out client-cert.pem -new -newkey rsa:512 -md5 -nodes
-keyout client-priv.pem
openssl pkcs12 -export -in client-cert.pem -inkey client-priv.pem -out
client.p12
# Prefer
It does to a certain extent. If I have a certificate that uses a
512-bit RSA key and is signed using RSAwithMD2, will Mozilla even
attempt to use that certificate for client authentication?
On Wed, Apr 27, 2016 at 10:54 AM, Richard Barnes wrote:
> For client certificates, it doesn't really matte
For client certificates, it doesn't really matter what Mozilla thinks -- it
matters what the website thinks when you present the client cert.
On Wed, Apr 27, 2016 at 7:48 AM, wrote:
> Hi ! I read "
> https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/";
> art
Hi ! I read
"https://blog.mozilla.org/security/2015/10/20/continuing-to-phase-out-sha-1-certificates/";
article but my question is what about Client authentication certificates that
are issued using SHA-1 like Qualified Certificates issued to clients in order
to make client authenticated SSL co
4 matches
Mail list logo