Solved: Thanks for the confirmation

Rafael Sanchez · ‎01-23-2015

Yes I know these are very old servers and technically we should move away from CAS altogether. But unfortunately this is an environment i inherited and am now dealing with the issues. Due to the requirement to move away from sha-1 signed certificates I need to replace my current certs with sha-256 signed certs. But before I do that I want to know if anyone knows if CAS version 4.1(8) supports SHA-256 certs? I did check the release notes but there is no mention of the supported SHA versions, etc. I tried TAC but no joy there either, etc.

Jatin Katyal · ‎01-23-2015

Hello Rafael,

SHA-2 signed certificate support was added in 4.7.2 for CAS and CAM.

We've filed a document defect to have this documented in release notes.
CSCud99946 NAC release note should say we support SHA-2 certs

Regards,

Jatin

~Jatin

View solution in original post

Jatin Katyal · ‎01-23-2015

Hello Rafael,

SHA-2 signed certificate support was added in 4.7.2 for CAS and CAM.

We've filed a document defect to have this documented in release notes.
CSCud99946 NAC release note should say we support SHA-2 certs

Regards,

Jatin

~Jatin

Rafael Sanchez · ‎01-24-2015

Thanks for the confirmation Jatin. That's what I needed to know. Bottom line is that I can't use SHA-2 certs on my system running 4.1(8) unless I upgrade to at least 4.7(2).

Jatin Katyal · ‎01-24-2015

Rafael,

If in case you upgrade, go for the latest version.

-Jatin

~Jatin

Does anyone know if Cisco Clean Access Server version 4.1(8) supports SHA-256 signed SSL certificates?