
SHA-2 certificate support on UCS-Manager and UCS-Central

Dennis Lefeber
Level 1

Does someone know if certificates that are encrypted using SHA-2 algorithms are supported on UCS Manager (v2.2) and UCS Central (v1.3)?

3 Replies

Mic Dykstra
Level 1

Wondering that myself, opened a ticket with TAC today to get the answer. I cannot tell if my PKI isn't working right, if I am not doing this right, or if it isn't supported. I got this working on SHA1 before, but the PKI infrastructure has been redone (partially) and only gives me SHA2.

I'm having a similar issue. I can get secure LDAP working over port 389 using StartTLS with a SHA1 LDAP certificate for UCS Central. But it fails with a SHA2 LDAP certificate. We are using Microsoft Active Directory domain controllers as LDAP servers.

I've opened up a TAC case as well. Hoping to get an answer soon.

Update: The issue is now resolved. UCS Central supports both SHA-1 and SHA-2 certificates, so that was not the issue. The issue just happened to manifest itself when I was working with the SHA-2 trusted point.

The issue was related to a known bug in the version of UCS Central we are running (v1.3 1b) - Symbolic links not removed correctly when managing Trusted Points. Details of this issue and the workaround (manually unlink the broken symbolic links from command line) are here: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy14299/?referring_site=bugquickviewredir

This issue is resolved in v1.4 (1b).

Regards,

Mario
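
A report-only check for the failure mode described in the resolution above: it lists dangling symbolic links in a certificate directory and prints each certificate's signature algorithm, so a SHA-1 versus SHA-2 cause can be separated from a broken-link cause. This is an added example, not part of the original thread or Cisco's documented workaround; the directory argument is a placeholder because the thread does not give the UCS Central path, and `audit_trust_dir` and `sig_alg` are hypothetical names.

```shell
#!/bin/sh
# Added example: report-only audit of a certificate directory.
# Assumption: DIR is whatever directory holds the trusted-point files;
# the real UCS Central path is not given in the thread.

# Signature algorithm of a PEM certificate, e.g. sha256WithRSAEncryption;
# prints "unknown" if openssl is missing or the file is not a certificate.
sig_alg() {
    alg=$(openssl x509 -in "$1" -noout -text 2>/dev/null |
          sed -n 's/^ *Signature Algorithm: *//p' | head -n 1)
    echo "${alg:-unknown}"
}

# Print one line per directory entry. Nothing is deleted or changed.
# Exit status: 0 = no dangling links, 1 = at least one, 2 = bad argument.
audit_trust_dir() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    broken=0
    for f in "$dir"/* "$dir"/.[!.]*; do
        # Unmatched globs stay literal; skip anything that is neither
        # an existing file nor a (possibly dangling) symlink.
        [ -e "$f" ] || [ -L "$f" ] || continue
        if [ -L "$f" ] && [ ! -e "$f" ]; then
            # -L is true but -e is false: the link target is gone.
            echo "BROKEN  $f -> $(readlink "$f")"
            broken=$((broken + 1))
        elif [ -f "$f" ]; then
            echo "OK      $f  sig=$(sig_alg "$f")"
        fi
    done
    [ "$broken" -eq 0 ]
}
```

Each `BROKEN` line names a link to review before unlinking it by hand, as the workaround describes.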
