Reply To: Signature algorithm SHA1 is being deprecated

#9873 Score: 0
Chris ColemanChris Coleman
Moderator
-1 pt

Hi Isabis,

Thank you for reaching out to us!

I’d like to bring to your notice that deprecation for SHA1withRSA signature algorithm for certificate-based authentication has been announced by different organizations in the past few years due to its security vulnerabilities. Using the SHA-1 algorithm in your certificates can make it vulnerable to spoofing, phishing and man-in-the-middle attacks.

You cannot check the signature algorithm of the certificates from the Hexnode portal. However, you can manually check your certificates from your device (preferably laptops or PCs) for the type of algorithm used in them by following the given instructions:

  1. Find the location of the certificate on your device.
  2. Click on the certificate to view the certificate information.
  3. Click on the details dropdown to view the entire details of the certificate.
  4. Inside the certificate details, you will be able to find the signature algorithm used in the certificate.

Once you’ve found out the certificates having SHA1withRSA signature algorithm, you can replace those certificates with the newer ones from the policies and re-associate the policy to your devices.

Hope this answers your query.

Cheers!
Chris Coleman
Hexnode UEM