Mark,
On 1/26/21 14:10, Mark Thomas wrote:
On 26/01/2021 13:20, Mark Thomas wrote:
On 25/01/2021 15:04, Christopher Schultz wrote:
<snip/>
I see there is a /sha1 option on the command as well. Does that mean
that SHA1 is also being performed?
No.
Is it required?
Yes. It is how we ID the certificate /key to sign with.
We abandoned SHA-1 (and SHA-256 for that matter) for the signatures we
put on our web sites some time ago. Is it possible to use SHA-512 for
these signatures as well?
A quick hunt around the internet suggests using SHA-512 signatures
should be possible. However, that was with a local key. The DigiCert
signing using a custom library to access the keys remotely. Let me run a
test...
Yep. That worked. Thanks for spotting this. I've updated the build scripts.
;)
-chris
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
