Signature algorithm SHA1 is being deprecatedSolved

Participant
Discussion
4 years ago

I have come across a thread which states that the signature algorithm SHA-1 is being deprecated. Is this true?

Replies (7)

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

I have read an article too which talked about the same. It seems that that the certificates with the SHA-1 hashing algorithm are not secure and can be easily be exploited by attackers.

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

I guess it’ll be better to replace all your certificates using SHA-1 algorithm with better alternatives as it could lead to security issues.

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

I had been trying to get the details of the already deployed certificates from the Hexnode portal but I was not able to find out the Algorithm used in the certificates.

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

Can you try checking the policy with which the certificate has been associated? I think you will be able to find an option to view the certificate details.

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

I did try checking that option inside polices, but I could only find the name of the issuer and the expiry date of the certificate. Can you help me how to find the signature algorithm for my certificates?

Marked SolutionPending Review
Hexnode Expert
4 years ago
Marked SolutionPending Review

Hi Isabis,

Thank you for reaching out to us!

I’d like to bring to your notice that deprecation for SHA1withRSA signature algorithm for certificate-based authentication has been announced by different organizations in the past few years due to its security vulnerabilities. Using the SHA-1 algorithm in your certificates can make it vulnerable to spoofing, phishing and man-in-the-middle attacks.

You cannot check the signature algorithm of the certificates from the Hexnode portal. However, you can manually check your certificates from your device (preferably laptops or PCs) for the type of algorithm used in them by following the given instructions:

  1. Find the location of the certificate on your device.
  2. Click on the certificate to view the certificate information.
  3. Click on the details dropdown to view the entire details of the certificate.
  4. Inside the certificate details, you will be able to find the signature algorithm used in the certificate.

Once you’ve found out the certificates having SHA1withRSA signature algorithm, you can replace those certificates with the newer ones from the policies and re-associate the policy to your devices.

Hope this answers your query.

Cheers!
Chris Coleman
Hexnode UEM

Marked SolutionPending Review
Participant
4 years ago
Marked SolutionPending Review

Thank you guys! You guys have been very helpful. I was actually able to figure out the certificates with the older SHA-1 certificates and replace them with the newer ones.

Save