Hi Experts
We have recently upgraded for mgmt servers from r77.30 to r80.30 and its my understanding that the default signing algorithm of the Internal CA (ICA) was changed from SHA-1 to SHA-256.I have already gone through the SK103840 and its more about changing the default SHA algorithm from sha-1 to sha-256 used by the ICA to issues certificates in R77.30 or reverse from sha-256 to sha-1 in R80.30.
1. So from this point forward, for new certificates and for re-generated certificates the hash will be SHA-256. Our manager is already on R80.30 so the default signing algorithm of the Internal CA (ICA) is sha-256. So any new cert or renewed cert will be issued with sha-256. Is that correct ?
2. How can we change the algorithm hash for ICA itself (ICA certificate / root certificate) to SHA-256. In R77.30 it was not possible but is it possible in R80.30 ?
3.Also i had a query about how to change default key length size of the mgmt server and gateway to 2048-bit ? Will this be done when we renew the certs ?
Regards,
Sijeel Malik