|
From what you wrote, I understand that I don't need to be concernedabout the SHA 1 from VeriSign (yet?)
I'm not sure you've read what I wrote - or maybe I wasn't clear :)
Your certificate is ultimately signed by the Verisign Class 3 Public
Primary Certification Authority – G5. This is Symantec's root. Unless
you want to dump your certificate and get another one from a different
CA then there's nothing to be done and nothing to be concerned about.
As for the error messages, I don't know.*
*
On 5/9/2016 6:12 PM, Raul A Jager W wrote:
VeriSign provides also teh SHA 2 certificate.
If installing that will not invalidate anything I will rather do it now,
not wait until it does cause a problem.
I have a lot of messages in the error log:
ZSRV_MSG0214: Certificado formateado incorrectamente o no válido, error
= 415.
ZSRV_MSG0281: SSL:
201.217.12.126.
ZSRV_MSG0214: Certificado formateado incorrectamente o no válido, error
= 415.
ZSRV_MSG0281: SSL:
131.161.254.18.
Two or three each second, Can they be caused by the SHA 1 certificate?
_____________________________________________________________________________________
On 05/09/2016 11:42 AM, Tim Bronski wrote:
There's nothing for you to do. The root certificate (Verisign) has a
SHA1 signature. For now that's what Verisign are using to sign
intermediate certs. There's no security reason for them to change
that. No one will ding you for it.
On 5/9/2016 5:23 PM, Raul A Jager W wrote:
Thank you Tim, I found:
Issued to: Symantec Class 3 Secure Server SHA256 SSL CA
Issued by: VeriSign Universal Root Certification Authority
Valid from: 4/8/2013 to 4/8/2023
Serial Number: 69 87 94 19 d9 e3 62 70 74 9d bb e5 9d c6 68 5e
Intermediate CA
And a certificate in a rectangle in grey background.
Can I donload it an install it with DCM?
Do I need to do something else?
___________________________________________________________________
On 05/09/2016 10:23 AM, Tim Bronski wrote:
You cannot just "replace" a certificate in a chain. If an-- Este e-mail fue enviado desde el Mail Server del diario ABC
intermediate
certificate is revoked or otherwise invalidated then all subordinate
certificates signed by that certificate will need to be replaced with
new ones. In your case however the SHA1 signed certificate is the
root
certificate. A root certificate isn't validated by its signature; the
fact that it's the root is trust enough.
On 5/9/2016 4:02 PM, Raul A Jager W wrote:
I just put my new in line and when I verified the SSL I found an
intermediate certificate that uses SHA1. The server is working,
but I
will like to resolve this issue.
The i is in v7.2, and you can see the details of the problem
clicking on
the lock for https://i5.abc.com.py
Can I just install a new intermediate certificate? Where can I find
it?
Is there some special procedure for the i to use the new certiicate?
TIA
Raúl
-- Este e-mail fue enviado desde el Mail Server del diario ABC
Color --
-- Verificado por Anti-Virus Corporativo Symantec --
Color --
-- Verificado por Anti-Virus Corporativo Symantec --
-- Este e-mail fue enviado desde el Mail Server del diario ABC Color --
-- Verificado por Anti-Virus Corporativo Symantec --
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
