Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5048
Views
5
Helpful
6
Replies

Does ACE service module support SHA2(256) certificates

Go to solution
guilty_2
Level 1
Level 1

‎09-02-2010 06:39 AM

Hello,

Does anyone know if ACE service module support SHA2(256) certificates? I see that private key generation defaults to SHA1 and does not provide any option, also the cipher suites in SSL parameters map do not show SHA2 options. Can it handle SHA2 in any software release? I am currently running A2(2.3) build 3.00

1 person had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
litrenta
Level 3
Level 3

‎09-02-2010 11:37 AM

Not supported on ACE. There are plans for SHA2 support specifically for

verification of certificates signed with SHA2 family algorithms (SHA224
through 512) on the ACE 30 module coming out later this year. This will not be supported on current ACE modules.

View solution in original post

6 Replies 6

Go to solution
litrenta
Level 3
Level 3

‎09-02-2010 11:37 AM

Not supported on ACE. There are plans for SHA2 support specifically for

verification of certificates signed with SHA2 family algorithms (SHA224
through 512) on the ACE 30 module coming out later this year. This will not be supported on current ACE modules.

Go to solution
guilty_2
Level 1
Level 1
In response to litrenta

‎09-02-2010 11:15 PM

hmmm...thats not very encouraging. I expected that it would at least be supported in software. Thanks for replying

0 Helpful

Go to solution
guilty_2
Level 1
Level 1
In response to guilty_2

‎09-03-2010 02:38 AM

Just received a reply on my TAC:

SHA-2 support will not be added to either of the A2 or A3 code trains.
However,
In the next release (4.x) release we will be adding SHA2 support
specifically for verification of certificates signed with SHA2 family
algorithms (SHA224 through 512). The current ETA for this code version
is Q4CY 2010 (ie: between now and Christmas).

0 Helpful

Go to solution
litrenta
Level 3
Level 3
In response to guilty_2

‎09-03-2010 04:58 AM

correct note that 4.x software will not run on the current ace modules, only on the new

ACE 30 modules coming out at the same time, and on the existing ACE appliance.

0 Helpful

Go to solution
paulgilbody
Level 1
Level 1

‎11-14-2011 07:46 AM

I can't find any updates on this - can someone advise if the ACE 4710 can or will support SHA-2 now or in the near future? Specifically SHA-512?

Thanks

0 Helpful

Go to solution
litrenta
Level 3
Level 3
In response to paulgilbody

‎11-14-2011 11:17 AM

ACE 4710 running A4 code supports sha-512 for verification of certs signed with this algorithm. It does not support negotiation of sha-2 cipher specs in ssl termination.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card