01-20-2014 12:57 AM - edited 07-05-2021 12:00 AM
Hi all!
We have several 7921G phones which we want to integrate in our WiFi network. Such WiFi is protected by using EAP-TLS, so we have installed the corresponding certificates to one testing phone. We have discovered that the phone does not support certificates with RSA keys with a size greater than than 2048 bits and, at the same time, their signatures must be always generated by using the SHA1 hashing algorithm. This fact also appears in the related documentation of the phone. As a consequence we have a problem since the root certificate of the CA use a key of 4096 bits and the SHA256 algorithm. We have also updated the firmware to the latest version without success regarding this. Anyone knows if there is any plan to a firmware update to support keys with a greater size and another hashing algorithms? Currently, SHA1 algorithm is considered as deprecated and the security community recommends to use another hash algorithm, as the same as occurs with the size of the keys.
Sergi
Solved! Go to Solution.
01-20-2014 10:33 AM
duplicate post. See below
01-20-2014 10:33 AM
duplicate post. See below
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: