Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Chrome will STOP accepting sha1 in November 2014; how do we get sha2 ssl certificates issued to Cisco's WLC?

Chrome will STOP accepting sha1 in November 2014; how do we get sha2 ssl certificates issued to Cisco's WLC?

The entire crazy procedure with using OpenSSL to generate CSR is based on the controller's limitation to use sha1 instead of sha2 when generating and uploading a third party SSL certificate; what's the plan Cisco? Are we stuck with Chrome reporting "unsafe" site for WLC web authentication for the foreseeable future?

 

Then in 2017 all of the "good" registrars will stop selling sha1 certificates period! When will Software Version 7.6.110.0 or the newest 8.x allow sha2 ssl certificates to be uploaded to the WLCs?

4 REPLIES
Community Member

Any news on that ?

Any news on that ?

Community Member

May be we are too far for any

May be we are too far for any planning to occur (60 days LOL) just yet?

The WLC should supports SHA-2

The WLC should supports SHA-2 certificates since 8.0.100, however I did not this this myself yet. Also, you are correct that Chrome will stop accepting SHA-1 certificates from on this November but this is for certificates which are valid until somewhere in 2016. So as a quick fix you can always use a SHA-1 certificate for more than one year.

 

- http://www.cisco.com/c/en/us/products/collateral/wireless/8500-series-wireless-controllers/bulletin-c25-732295.html

- http://googleonlinesecurity.blogspot.co.uk/2014/09/gradually-sunsetting-sha-1.html

Community Member

This is not documented well,

This is not documented well, but I have since learned that SHA-256 certificates are supported in 7.6.130 and the latest 7.4 release as well as in 8.0.100.

460
Views
0
Helpful
4
Replies
CreatePlease to create content