Data Infrastructure Management Software Discussions

Identifying any uses of the SHA-1 hashing algorithm

guenterw
views-count 1680 Views

How can I identify if SHA-1 is being used for the following?

 

- OCUM/OPM 7.2

- DFM 5.0 & 5.2

- API Services 1.2

- WFA 2.1

 

Is there another place to look besides the “fingerprint?” As you can see from the GUI picture and the CLI output below, both show SHA1 for the fingerprint. The same is true on the OCUM servers.

 

AltaVault cert.jpg

OCUM cert.jpg

What about the web certs for DFM/API/7mTT/WFA? Is there any concern with SHA-1 hashing for HTTPS?

 

It sounds like there shouldn’t be any SHA-1 usage in any of these products, but I would like to make sure.

 

Any help would be greatly appreciated.

1 REPLY 1

Re: Identifying any uses of the SHA-1 hashing algorithm

ag
NetApp
views-count 1681 Views

WFA current releases uses SHA-1 which has been deprecated. This is a known issue and will be fixed in the upcoming release. Only secure and recommended ciphers will be used in the upcoming release. Please let me know if this is a serious concern and you require a workaround to use secure ciphers.

G2 Review Banner
All Community Forums
Public