Management Portal shows SHA-1 certificate is used although SHA-256 Hotfix from sk103839 was installed

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk108285
Technical Level
Product	Management Portal, Quantum Security Management, Multi-Domain Security Management
Version	R75 (EOL), R76 (EOL), R77 (EOL), R77.10 (EOL), R77.20, R77.20.01 (EOL), R77.30 (EOL)
OS	Gaia, SecurePlatform 2.6, Linux, Windows
Platform / Model	All
Date Created	21-Oct-2015
Last Modified	25-Sep-2017

Symptoms

Management Portal shows SHA-1 certificate is used although SHA-256 Hotfix from sk103839 was installed.
"IETF X.509 Certificate Signature Collision Vulnerability" message is shown by vulnerability scanner.

Cause

This is not a vulnerability issue. The certificate used by SmartPortal is not automatically changed when hotfix for SHA-256 from sk103839 is installed. The SmartPortal certificate should be manually replaced with new certificate created with SHA-256 algorithm.

Solution

Note: To view this solution you need to Sign In .