Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 2187 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Local X509 Cert with MD5 - change to SHA2 256 or 512

Chris Moore2

So MD5 is not secure and I'm needing to change our existing configuration from Local X509 Cert with MD5.

Can I simply change the Authentication Algorithm from MD5 to SHA2 256 or 512 and continue to use the local certificate or do I need to do more?

I presume once I change on UTM it will render all of my VPN clients useless until they download a new configuration from the User Portal?

Thank you in advance for any advice/input.



This thread was automatically locked due to age.
  • FormerMember
    +1 FormerMember

    Hi Chris Moore2,

    Once you change the authentication algorithm to SHA 256 or SHA 512 for Local X509 cert, all of the SSL Remote VPN users needs to re-download the configuration from UserPortal because as soon as you make this change old user certificates that were created with MD5 authentication algorithm will no longer work. Downloading new configuration from UserPortal will create new user certificates based on updated authentication algorithm.

    Thanks,

      

Unfiltered HTML