Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, April 3, 2018 4:04 AM
Dear Experts / Members :
Due to Government audit requirements we removing all certificates signed by 3rd party and using internal signed certificates.
I get a vulnerability warning :
"The remote service uses an SSL certificate chain that has been signed
using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5,
or SHA1). These signature algorithms are known to be vulnerable to
collision attacks. An attacker can exploit this to generate another
certificate with the same digital signature, allowing an attacker to
masquerade as the affected service.
Note that this plugin reports all SSL certificate chains signed with
SHA-1 that expire after January 1, 2017 as vulnerable. This is in
accordance with Google's gradual sunsetting of the SHA-1 cryptographic
hash algorithm.
Note that certificates in the chain that are contained in the Nessus
CA database (known_CA.inc) have been ignored."
The following certificates were part of the certificate chain sent by
the remote host, but contain hashes that are considered to be weak.
|-Subject : C=US/O=Microsoft/OU=SharePoint/CN=SharePoint Services
|-Signature Algorithm : SHA-1 With RSA Encryption
|-Valid From : Aug 31 02:23:10 2016 GMT
|-Valid To : Jan 01 00:00:00 9999 GMT
Can we change internal certificates used in application server without impacting Forms Authentication.
Thanks,
Kunal Jaiswal
All replies (2)
Tuesday, April 3, 2018 9:39 AM
Hi,
When your certificates expired, you can refer to the following article to renew it.
https://eschrader.com/2017/10/23/sharepoint-server-renewing-ssl-certificates-quickly/
Besides, this is a reference about understanding SSL Renewal with SharePoint.
https://www.fpweb.net/sharepoint-blog/understanding-ssl-renewal-with-sharepoint/
Best Regards,
Carl Zhou
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Monday, April 23, 2018 2:46 AM
Hi,
If the post helps you, you can mark it as answer to help other community members to find the information quickly.
Have a nice day!
Best Regards,
Carl Zhou
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.