Horizon Self-Signed Certificate uses deprecated SHA-1
Bug #1461983 reported by
Christopher H. Laco
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Medium
|
Ian Cordasco | ||
Icehouse |
Fix Released
|
Medium
|
Ian Cordasco | ||
Juno |
Fix Released
|
Medium
|
Ian Cordasco | ||
Kilo |
Fix Released
|
Medium
|
Ian Cordasco | ||
Trunk |
Fix Released
|
Medium
|
Ian Cordasco |
Bug Description
The self-signed certificate generated for Horizon uses the deprecating SHA-1 fingerprint by default. As various clients start to treat that as insecure, we should move to using the SHA-2 fingerprints.
To post a comment you must log in.
For reference, https:/ /security. stackexchange. com/questions/ 65271/can- a-csr-be- created- in-openssl- with-sha2