Dear All!
I've upgraded to 12.0.1-334
https://www.cisco.com/c/dam/en/us/td/docs/security/wsa/wsa_12-0/WSA_12-0_Release_Notes.pdf says:
ECDSA Certificate upload - The appliance now supports the uploading of ECDSA certificate for HTTPS proxy.
But when I try to upload it, the appliance says:
Error — Certificates with ecdsa-with-SHA384 signature algorithm are not allowed
Any thoughts? Isn't this supported yet then?
Thanks
Hi,
Just to better understand the steps you took... How did you generate/upload the cert?
I tested it in the lab and got the same
I'll investigate it...
Do you see the same issue for other SHA algos? Or only SHA384
our prod CA is SHA384, I did not test it with others as I just updated the WSA but I'll test it if I have some time to install a test CA
*I've generated the cert from the downloaded request and tried to upload a new cert in PEM with the key. both times same error message
Thanks for the details.
I raised CSCvv04912 for it. As a workaround, you can try using SHA<=256
Please vote/mark solved if you find it helpful
12.5.1-035 is affected too.