Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (918)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3185)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2559)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
What Is SHA-256 Certificate
What is SHA-256 (Secure Hash Algorithm 2 - 256 bits) Certificate?
✍: FYIcenter.com
SHASHA-256 (Secure Hash Algorithm 2 - 256 bits) Certificate is
a X.509 certificate that uses SHA-1 hash function to generate the hash
of the public key provided by the certificate subject.
Here is an example of a SHA-1 certificate:
fyicenter$ openssl x509 -in GlobalSign.pem -text -noout Certificate: Data: Version: 3 (0x2) Serial Number: 04:00:00:00:00:01:0f:86:26:e6:0d Signature Algorithm: sha1WithRSAEncryption Issuer: OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign Validity Not Before: Dec 15 08:00:00 2006 GMT Not After : Dec 15 08:00:00 2021 GMT Subject: OU = GlobalSign Root CA - R2, O = GlobalSign, CN = GlobalSign Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:cf:24:0e:be:2e:6f:28:99:45:42:c4:ab:3e: 21:54:9b:0b:d3:7f:84:70:fa:12:b3:cb:bf:87:5f: c6:7f:86:d3:b2:30:5c:d6:fd:ad:f1:7b:dc:e5:f8: 60:96:09:92:10:f5:d0:53:de:fb:7b:7e:73:88:ac: 52:88:7b:4a:a6:ca:49:a6:5e:a8:a7:8c:5a:11:bc: 7a:82:eb:be:8c:e9:b3:ac:96:25:07:97:4a:99:2a: 07:2f:b4:1e:77:bf:8a:0f:b5:02:7c:1b:96:b8:c5: b9:3a:2c:bc:d6:12:b9:eb:59:7d:e2:d0:06:86:5f: 5e:49:6a:b5:39:5e:88:34:ec:bc:78:0c:08:98:84: 6c:a8:cd:4b:b4:a0:7d:0c:79:4d:f0:b8:2d:cb:21: ca:d5:6c:5b:7d:e1:a0:29:84:a1:f9:d3:94:49:cb: 24:62:91:20:bc:dd:0b:d5:d9:cc:f9:ea:27:0a:2b: 73:91:c6:9d:1b:ac:c8:cb:e8:e0:a0:f4:2f:90:8b: 4d:fb:b0:36:1b:f6:19:7a:85:e0:6d:f2:61:13:88: 5c:9f:e0:93:0a:51:97:8a:5a:ce:af:ab:d5:f7:aa: 09:aa:60:bd:dc:d9:5f:df:72:a9:60:13:5e:00:01: c9:4a:fa:3f:a4:ea:07:03:21:02:8e:82:ca:03:c2: 9b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Basic Constraints: critical CA:TRUE X509v3 Subject Key Identifier: 9B:E2:07:57:67:1C:1E:C0:6A:06:DE:59:B4:9A:2D:DF:DC:19:86:2E X509v3 CRL Distribution Points: Full Name: URI:http://crl.globalsign.net/root-r2.crl X509v3 Authority Key Identifier: keyid:9B:E2:07:57:67:1C:1E:C0:6A:06:DE:59:B4:9A:2D:DF:DC:19:86:2E Signature Algorithm: sha1WithRSAEncryption 99:81:53:87:1c:68:97:86:91:ec:e0:4a:b8:44:0b:ab:81:ac: 27:4f:d6:c1:b8:1c:43:78:b3:0c:9a:fc:ea:2c:3c:6e:61:1b: 4d:4b:29:f5:9f:05:1d:26:c1:b8:e9:83:00:62:45:b6:a9:08: 93:b9:a9:33:4b:18:9a:c2:f8:87:88:4e:db:dd:71:34:1a:c1: 54:da:46:3f:e0:d3:2a:ab:6d:54:22:f5:3a:62:cd:20:6f:ba: 29:89:d7:dd:91:ee:d3:5c:a2:3e:a1:5b:41:f5:df:e5:64:43: 2d:e9:d5:39:ab:d2:a2:df:b7:8b:d0:c0:80:19:1c:45:c0:2d: 8c:e8:f8:2d:a4:74:56:49:c5:05:b5:4f:15:de:6e:44:78:39: 87:a8:7e:bb:f3:79:18:91:bb:f4:6f:9d:c1:f0:8c:35:8c:5d: 01:fb:c3:6d:b9:ef:44:6d:79:46:31:7e:0a:fe:a9:82:c1:ff: ef:ab:6e:20:c4:50:c9:5f:9d:4d:9b:17:8c:0c:e5:01:c9:a0: 41:6a:73:53:fa:a5:50:b4:6e:25:0f:fb:4c:18:f4:fd:52:d9: 8e:69:b1:e8:11:0f:de:88:d8:fb:1d:49:f7:aa:de:95:cf:20: 78:c2:60:12:db:25:40:8c:6a:fc:7e:42:38:40:64:12:f7:9e: 81:e1:93:2e
As you can see, the "Signature Algorithm: sha1WithRSAEncryption" field tells us that this "GlobalSign Root CA - R2" root CA certificate is a SHA-1 certificate. It is considered as not secure.
2021-11-30, 328👍, 0💬
Popular Posts:
How to view general information of a root CA certificate in Google Chrome? I want to know when is th...
Certificate summary - Owner: DigiCert SHA2 High Assurance Server CA, www.digicert.com, DigiCert Inc,...
Certificate Summary: Subject: DigiCert Global Root CA Issuer: DigiCert Global Root CA Expiration: 20...
What are ASN.1 field types supported by the OpenSSL "ans1parse" command? OpenSSL "ans1parse" command...
How to delete a certificate from a certificate store using "certmgr.msc"? The certificate has been e...