08-13-2024 08:04 AM
Hello everybody,
is there an information how long Cisco will still support the unsafe SHA
authentication at ASA firewall releaes?
Thanks for every hint!
Bye
R.
08-13-2024 08:19 AM
@swscco001 there is no notification of how long it will still be supported AFAIK, I expect Cisco will continue to support it whilst there are still customers requiring it. If you require further information I would recommend speaking to your Cisco Partner or Cisco account representative.
You should be able to disable SHA from where ever it is used in your configuration and use something more secure. SHA-2 and other next generation crypto has been available for a considerable period on ASA software, so there is no reason why you cannot use more secure crypto algorithms.
08-13-2024 09:22 AM
All cisco platforms support weak and strong tls/ssl (include sha)
So best is disable manually disable weak cipher
https://integratingit.wordpress.com/2021/01/27/securing-asa-tls-ciphers/
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide