Active IQ Unified Manager Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Active IQ Unified Manager Discussions

Ask a Question

Identifying any uses of the SHA-1 hashing algorithm

guenterw
NetApp
‎2017-04-26 04:12 PM
3,287 Views

How can I identify if SHA-1 is being used for the following?

 

- OCUM/OPM 7.2

- DFM 5.0 & 5.2

- API Services 1.2

- WFA 2.1

 

Is there another place to look besides the “fingerprint?” As you can see from the GUI picture and the CLI output below, both show SHA1 for the fingerprint. The same is true on the OCUM servers.

 

AltaVault cert.jpg

OCUM cert.jpg

What about the web certs for DFM/API/7mTT/WFA? Is there any concern with SHA-1 hashing for HTTPS?

 

It sounds like there shouldn’t be any SHA-1 usage in any of these products, but I would like to make sure.

 

Any help would be greatly appreciated.

0 Kudos
Tags (1)
1 REPLY 1

ag
NetApp
‎2017-05-08 11:29 PM
3,130 Views

WFA current releases uses SHA-1 which has been deprecated. This is a known issue and will be fixed in the upcoming release. Only secure and recommended ciphers will be used in the upcoming release. Please let me know if this is a serious concern and you require a workaround to use secure ciphers.

0 Kudos
Announcements
All Community Forums
Public