Welcome to the new Schneider Electric Community

It's your place to connect with experts and peers, get continuous support, and share knowledge.

  • Explore the new navigation for even easier access to your community.
  • Bookmark and use our new, easy-to-remember address (community.se.com).
  • Get ready for more content and an improved experience.

Contact SchneiderCommunity.Support@se.com if you have any questions.

Close
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we’ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
84863members
354353posts

how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

EcoStruxure IT forum

A support forum for Data Center Operation, Data Center Expert, and EcoStruxure IT product users to share knowledge on installation, configuration, and general product use.

DCIM_Support
Picard
Picard
0 Likes
8
601

how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This question was originally posted on DCIM Support by April on 2018-09-26


How to regenerate and use an SSL certificate which does not use weak Hash Algorithms

 

 

(CID:134035909)

8 Replies 8
DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by spezialist on 2018-09-26


Dear April,

Please describe your question in more detail with a couple of screenshots (if possible). And then you will be helped faster and better 😀.

With respect.

(CID:134035922)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by Kevin Kolobe on 2018-09-27


Hi All, spezialist, April

There is an SSL Certificate Signature Colllision Vulnerability (CVE-2004-2761) identified with the server in question. 

April is trying to get a workaround unless we have a release coming out soon that will resolve this issue. See vulnerability document attached Vulnerability Reference - Schneider server.pdf.

(CID:134036508)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by spezialist on 2018-09-27


Dear Kevin Kolobe,

The above information refers to the free EcoStruxure IT Gateway software?

With respect.

(CID:134036512)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by Kevin Kolobe on 2018-09-27


Hi spezialist,

The End User does not have the EcoStruxure IT Gateway as yet. They are only running DCE 7.5.0

(CID:134036520)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by spezialist on 2018-09-27


Ok, in any case, thanks for the feedback.

(CID:134036560)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This answer was originally posted on DCIM Support by Christopherus Laurentius on 2018-09-28


Kevin,

Suggest using paid certificate from certificate authority?

Follow steps on generating the CSR from DCE, get it generated thru certificate authjority

 

Then replace the self signed certificate inside DCE following steps:

Modifying the SSL certificate

(CID:134678267)

DCIM_Support
Picard
Picard
0 Likes
0
601

Re: how to regenerate and use an SSL certificate which does not use weak Hash Algorithms

This comment was originally posted on DCIM Support by spezialist on 2018-10-07


Dear April,

Tell us, please, did you solve your question or not?

With respect.

(CID:134679957)

DCIM_Support
Picard
Picard
0 Likes
0
601

🔒 Closed

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.